Browse Source

Merge branch 'wip-doc' into 'master'

certificate: explain how to renew an ownca certificate

See merge request main/infrastructure!442
keep-around/9fdde1d7e6ddcaaa0bd4acd1e5f35b9693626c16
Loïc Dachary 2 months ago
parent
commit
9fdde1d7e6
  1. 21
      docs/user-guide.rst

21
docs/user-guide.rst

@ -259,6 +259,27 @@ The default can also be changed for a given host (for instance
`weblate-host`) by setting the desired value in the
`~/.enough/example.com/inventory/host_vars/weblate-host/network.yml` file.
Renewal
+++++++
When using a certificate authority dedicated to the Enough instance,
each certificate must be manually renewed after a year. For instance,
the certificate of `website.example.com` can be renewed as follows::
.. code::
$ rm ~/.enough/example.com/certs/website.example.com*
$ enough --domain example.com service create website
The service create is idempotent: it will notice that the certificate
is missing, create a new one, upload it, install it and reload the web
server.
.. note::
The Let's Encrypt certificates are automatically renewed and do not
require manual intervention.
.. _attached_volumes:
Attached volumes

Loading…
Cancel
Save