make production default
This commit is contained in:
parent
2dab010be3
commit
6953068a7b
31
README.md
31
README.md
|
@ -102,8 +102,9 @@ require('greenlock-express').create({
|
||||||
// Let's Encrypt v2 is ACME draft 11
|
// Let's Encrypt v2 is ACME draft 11
|
||||||
version: 'draft-11'
|
version: 'draft-11'
|
||||||
|
|
||||||
// You MUST change 'acme-staging-v02' to 'acme-v02' in production
|
, server: 'https://acme-v02.api.letsencrypt.org/directory'
|
||||||
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' // staging
|
// Note: If at first you don't succeed, switch to staging to debug
|
||||||
|
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
|
||||||
// You MUST change this to a valid email address
|
// You MUST change this to a valid email address
|
||||||
, email: 'john.doe@example.com'
|
, email: 'john.doe@example.com'
|
||||||
|
@ -157,18 +158,27 @@ Double check the following:
|
||||||
* **API limits**
|
* **API limits**
|
||||||
* You MUST NOT exceed the API [**usage limits**](https://letsencrypt.org/docs/staging-environment/) per domain, certificate, IP address, etc
|
* You MUST NOT exceed the API [**usage limits**](https://letsencrypt.org/docs/staging-environment/) per domain, certificate, IP address, etc
|
||||||
* **Red Lock, Untrusted**
|
* **Red Lock, Untrusted**
|
||||||
* You MUST change the `server` value **in production**
|
* You MUST use the **production** server url, not staging
|
||||||
* Shorten the 'acme-staging-v02' part of the server URL to 'acme-v02'
|
* The API URL should not have 'acme-staging-v02', but should have 'acme-v02'
|
||||||
|
* Delete the `configDir` used for getting certificates in staging
|
||||||
|
|
||||||
### Get it working in staging first!
|
### Production vs Staging
|
||||||
|
|
||||||
|
If at first you don't succeed, stop and switch to staging.
|
||||||
|
|
||||||
There are a number of common problems related to system configuration -
|
There are a number of common problems related to system configuration -
|
||||||
firewalls, ports, permissions, etc - that you are likely to run up against
|
firewalls, ports, permissions, etc - that you are likely to run up against
|
||||||
when using greenlock for your first time.
|
when using greenlock for your first time.
|
||||||
|
|
||||||
In order to avoid being blocked by hitting rate limits with bad requests,
|
I've put a "dry run" in place with built-in diagnostics, so hopefully
|
||||||
you should always test against the `staging` server
|
you get everything right on your first or second try.
|
||||||
(`https://acme-staging-v02.api.letsencrypt.org/directory`) first.
|
|
||||||
|
However, in order to avoid being blocked by hitting the bad request rate limits
|
||||||
|
you should switch to using the `staging` server for any testing or debugging.
|
||||||
|
|
||||||
|
```
|
||||||
|
https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
```
|
||||||
|
|
||||||
Plugins
|
Plugins
|
||||||
=====
|
=====
|
||||||
|
@ -254,8 +264,9 @@ It looks a little more like this:
|
||||||
|
|
||||||
// returns an instance of greenlock.js with additional helper methods
|
// returns an instance of greenlock.js with additional helper methods
|
||||||
var lex = require('greenlock-express').create({
|
var lex = require('greenlock-express').create({
|
||||||
// set to https://acme-v02.api.letsencrypt.org/directory in production
|
server: 'https://acme-v02.api.letsencrypt.org/directory'
|
||||||
server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
|
// Note: If at first you don't succeed, stop and switch to staging:
|
||||||
|
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
, version: 'draft-11' // Let's Encrypt v2 (ACME v2)
|
, version: 'draft-11' // Let's Encrypt v2 (ACME v2)
|
||||||
|
|
||||||
// If you wish to replace the default account and domain key storage plugin
|
// If you wish to replace the default account and domain key storage plugin
|
||||||
|
|
|
@ -3,7 +3,12 @@
|
||||||
//require('greenlock-express')
|
//require('greenlock-express')
|
||||||
require('../').create({
|
require('../').create({
|
||||||
|
|
||||||
server: 'staging'
|
// Let's Encrypt v2 is ACME draft 11
|
||||||
|
version: 'draft-11'
|
||||||
|
|
||||||
|
, server: 'https://acme-v02.api.letsencrypt.org/directory'
|
||||||
|
// Note: If at first you don't succeed, stop and switch to staging
|
||||||
|
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
|
||||||
, email: 'john.doe@example.com'
|
, email: 'john.doe@example.com'
|
||||||
|
|
||||||
|
|
|
@ -21,8 +21,9 @@ require('../').create({
|
||||||
// Let's Encrypt v2 is ACME draft 11
|
// Let's Encrypt v2 is ACME draft 11
|
||||||
version: 'draft-11'
|
version: 'draft-11'
|
||||||
|
|
||||||
// You MUST change 'acme-staging-v02' to 'acme-v02' in production
|
, server: 'https://acme-v02.api.letsencrypt.org/directory'
|
||||||
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' // staging
|
// Note: If at first you don't succeed, stop and switch to staging
|
||||||
|
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
|
||||||
// The previous 'simple' example set these values statically,
|
// The previous 'simple' example set these values statically,
|
||||||
// but this example uses approveDomains() to set them dynamically
|
// but this example uses approveDomains() to set them dynamically
|
||||||
|
|
|
@ -18,10 +18,9 @@ var secret = require('crypto').randomBytes(16).toString('hex');
|
||||||
require('../').create({
|
require('../').create({
|
||||||
version: 'draft-11'
|
version: 'draft-11'
|
||||||
|
|
||||||
// WARNING: This runs PRODUCTION by default.
|
, server: 'https://acme-v02.api.letsencrypt.org/directory'
|
||||||
// Uncomment staging instead if you're a first-timer.
|
// Note: If at first you don't succeed, stop and switch to staging
|
||||||
, server: 'https://acme-v02.api.letsencrypt.org/directory' // production
|
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
//, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' // staging
|
|
||||||
|
|
||||||
, email: email
|
, email: email
|
||||||
, agreeTos: agreeLeTos
|
, agreeTos: agreeLeTos
|
||||||
|
|
|
@ -6,8 +6,9 @@ require('../').create({
|
||||||
// Let's Encrypt v2 is ACME draft 11
|
// Let's Encrypt v2 is ACME draft 11
|
||||||
version: 'draft-11'
|
version: 'draft-11'
|
||||||
|
|
||||||
// You MUST change 'acme-staging-v02' to 'acme-v02' in production
|
, server: 'https://acme-v02.api.letsencrypt.org/directory'
|
||||||
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
|
// Note: If at first you don't succeed, stop and switch to staging
|
||||||
|
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
|
||||||
// You MUST change this to a valid email address
|
// You MUST change this to a valid email address
|
||||||
, email: 'john.doe@example.com'
|
, email: 'john.doe@example.com'
|
||||||
|
|
|
@ -21,8 +21,9 @@ require('../').create({
|
||||||
// Let's Encrypt v2 is ACME draft 11
|
// Let's Encrypt v2 is ACME draft 11
|
||||||
version: 'draft-11'
|
version: 'draft-11'
|
||||||
|
|
||||||
// You MUST change 'acme-staging-v02' to 'acme-v02' in production
|
, server: 'https://acme-v02.api.letsencrypt.org/directory'
|
||||||
, server: 'https://acme-v02.api.letsencrypt.org/directory' // staging
|
// Note: If at first you don't succeed, stop and switch to staging
|
||||||
|
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
|
||||||
, approveDomains: function (opts, certs, cb) {
|
, approveDomains: function (opts, certs, cb) {
|
||||||
// In this example the filesystem is our "database".
|
// In this example the filesystem is our "database".
|
||||||
|
|
Loading…
Reference in New Issue