From 7da82bf4ce1d40b730c4ace0817ccbcb862221ee Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 29 Jun 2017 09:49:05 +0200 Subject: wibble --- lacme.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/lacme.md b/lacme.md index 3ba4a44..d2a3b46 100644 --- a/lacme.md +++ b/lacme.md @@ -232,14 +232,15 @@ served during certificate issuance. addresses are of the form `IPV4:PORT`, `[IPV6]:PORT` (where the `:PORT` suffix is optional and defaults to the HTTP port 80), or an absolute path of a UNIX-domain socket (created with mode `0666`). - Since the webserver component listens to a UNIX-domain socket by - default, it is only suitable when an external HTTP daemon is - publicly reachable and passes all ACME challenge requests to that - socket; if that's not the case, one needs to set *listen* to `[::]` - (or `0.0.0.0 [::]` when dual stack IPv4/IPv6 is disabled or - unavailable), and possibly also set *iptables* to `Yes`. Default: `/var/run/lacme.socket`. + Note: The default value is only suitable when an external HTTP + daemon is publicly reachable and passes all ACME challenge requests + to the webserver component through the UNIX-domain socket + `/var/run/lacme.socket`; if that's not the case, one needs to set + *listen* to `[::]` (or `0.0.0.0 [::]` when dual stack IPv4/IPv6 is + disabled or unavailable), and possibly also set *iptables* to `Yes`. + *challenge-directory* : Specify a non-existent directory under which an external HTTP daemon -- cgit v1.2.3