Hello, i have a few questions and hope someine can help me.
So,
- to get certificate i run this one:
/opt/letsencrypt/letsencrypt-auto --config /etc/letsencrypt/configs/s1.demo.example.com certonly`
this operation was successfully completed, but now i want to add new domain ' s2.demo.example.com' .
How should i do that? Run (1) with new name again? It will be new certificate or renewed?
- How to tune HSTS in Nginx?
Such way?
server { listen 443 ssl;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
# This 'location' block inherits the STS header location / { root /usr/share/nginx/html; }
# Because this 'location' block contains another 'add_header' directive, # we must redeclare the STS header location /servlet { add_header X-Served-By "My Servlet Handler"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; proxy_pass http://localhost:8080; } }
- And about auto renew
as i understand, i need to do that:
> sudo mkdir /var/log/letsencrypt/
and write
#!/bin/sh cd /opt/letsencrypt/ ./letsencrypt-auto --config /etc/letsencrypt/configs/ s1.demo.*****.com.conf certonly if [ $? -ne 0 ] then ERRORLOG=`tail /var/log/letsencrypt/letsencrypt.log` echo -e "The Let's Encrypt cert has not been renewed! \n \n" \ $ERRORLOG else nginx -s reload fi exit 0
then
`> crontab -e
and write crontab
0 0 1 JAN,MAR,MAY,JUL,SEP,NOV * /path/to/renew-letsencrypt.sh
But when i received the certificate, i get:
|Please read the Terms of Service at
|https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf. You must agree
|in order to register with the ACME server at
|https://acme-staging.api.letsencrypt.org/directory
|-------------------------------------------------------------------------------
|(A)gree/(C)ancel: a
|
Who will answer this question when processed automatically?
Thanks