From a903ea92dd736c560d21fe45063d4914765fa173 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 14 Feb 2021 17:01:17 +0100 Subject: challenge-directory now needs to be set to an *existing* directory. Since lacme(8) spawns a builtin webserver by default the change doesn't affect default configurations. See https://bugs.debian.org/970800 for the rationale. --- config/lacme.conf | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'config') diff --git a/config/lacme.conf b/config/lacme.conf index 2955984..4c7dc86 100644 --- a/config/lacme.conf +++ b/config/lacme.conf @@ -64,17 +64,14 @@ # #listen = @@runstatedir@@/lacme-www.socket -# Non-existent directory under which an external HTTP daemon is -# configured to serve GET requests for challenge files under -# "/.well-known/acme-challenge/" (for each virtual host requiring -# authorization) as static files. +# Directory under which an external HTTP daemon is configured to serve +# GET requests for challenge files under "/.well-known/acme-challenge/" +# (for each virtual host requiring authorization) as static files. +# NOTE: the directory must exist and be writable by the lacme client +# user. # #challenge-directory = -# Do not symlink the challenge-directory, but copy the challenge-files -# explictly. -#hard-copy-challenge-directory = No - # username to drop privileges to (setting both effective and real uid). # Skip privilege drop if the value is empty (not recommended). # -- cgit v1.2.3