aboutsummaryrefslogtreecommitdiffstats
path: root/README
diff options
context:
space:
mode:
Diffstat (limited to 'README')
-rw-r--r--README58
1 files changed, 29 insertions, 29 deletions
diff --git a/README b/README
index 37c531a..4e66129 100644
--- a/README
+++ b/README
@@ -1,29 +1,6 @@
-Requesting new Certificate Issuance with the ACME protocol generally
-works as follows:
-
- 1. Generate a Certificate Signing Request. This requires access to
- the private part of the server key.
- 2. Issue an issuance request against the ACME server.
- 3. Answer the ACME Identifier Validation Challenges. The challenge
- type "http-01" requires a webserver to listen on port 80 for each
- address for which an authorization request is issued; if there is
- no running webserver, root privileges are required to bind against
- port 80 and to install firewall rules to temporarily open the port.
- 4. Install the certificate (after verification) and restart the
- service. This usually requires root access as well.
-
-Steps 1,3,4 need to be run on the host for which an authorization
-request is issued. However the the issuance itself (step 2) could be
-done from another machine. Furthermore, each ACME command (step 2), as
-well as the key authorization token in step 3, need to be signed using
-an account key. The account key can be stored on another machine, or
-even on a smartcard.
-
-_______________________________________________________________________
-
-letsencrypt is a tiny ACME client written with process isolation and
-minimal privileges in mind. It is divided into four components, each
-with its own executable:
+lacme is a small ACME client written with process isolation and minimal
+privileges in mind. It is divided into four components, each with its
+own executable:
* A process to manage the account key and issue SHA-256 signatures
needed for each ACME command. (This process binds to a UNIX-domain
@@ -56,11 +33,34 @@ with its own executable:
Consult the manuals for more information.
- https://guilhem.org/man/letsencrypt.1.html
- https://guilhem.org/man/letsencrypt-accountd.1.html
+ https://guilhem.org/man/lacme.1.html
+ https://guilhem.org/man/lacme-accountd.1.html
+
+_______________________________________________________________________
+
+Requesting new Certificate Issuance with the ACME protocol generally
+works as follows:
+
+ 1. Generate a Certificate Signing Request. This requires access to
+ the private part of the server key.
+ 2. Issue an issuance request against the ACME server.
+ 3. Answer the ACME Identifier Validation Challenges. The challenge
+ type "http-01" requires a webserver to listen on port 80 for each
+ address for which an authorization request is issued; if there is
+ no running webserver, root privileges are required to bind against
+ port 80 and to install firewall rules to temporarily open the port.
+ 4. Install the certificate (after verification) and restart the
+ service. This usually requires root access as well.
+
+Steps 1,3,4 need to be run on the host for which an authorization
+request is issued. However the the issuance itself (step 2) could be
+done from another machine. Furthermore, each ACME command (step 2), as
+well as the key authorization token in step 3, need to be signed using
+an account key. The account key can be stored on another machine, or
+even on a smartcard.
_______________________________________________________________________
-letsencrypt is Copyright© 2016 Guilhem Moulin ⟨guilhem@fripost.org⟩, and
+lacme is Copyright© 2016 Guilhem Moulin ⟨guilhem@fripost.org⟩, and
licensed for use under the GNU General Public License version 3 or
later. See ‘COPYING’ for specific terms and distribution information.