mirror/docker-letsencrypt-nginx-proxy-companion
1
0
Fork 0
mirror of https://github.com/nginx-proxy/docker-letsencrypt-nginx-proxy-companion synced 2024-11-22 20:42:04 +01:00
Code Issues Releases Activity

Add doc on ACME accounts handling

Browse Source
This commit is contained in:
Gilles Filippini 2020-10-13 21:04:50 +02:00 committed by Nicolas Duchon
parent 0c165134b9
commit e5825d6fc4
No known key found for this signature in database
GPG Key ID: EA3151C66A4D79E7
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/Let's-Encrypt-and-ACME.md
View File

@ -73,3 +73,9 @@ The `DEFAULT_EMAIL` variable must be a valid email and, when set on the **letsen
The `RENEW_PRIVATE_KEYS` environment variable, when set to `false` on the **letsencrypt-nginx-proxy-companion** container, will set `acme.sh` to reuse previously generated private key instead of generating a new one at renewal for all domains.
Reusing private keys can help if you intend to use [HPKP](https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning), but please note that HPKP has been deprecated by Google's Chrome and that it is therefore strongly discouraged to use it at all.
#### ACME accounts handling
- Use one `acme.sh` configuration directory (`--config-home`) per account email address.
- Each `acme.sh` configuration directory can hold several accounts on different ACME service providers. But only one per service provider.
- The `defaut` configuration directory holds the configuration for empty account email address.