RuhNetConsulting
/
getssl
mirror of https://github.com/srvrco/getssl
1
0
Fork 0
Code Issues 0 Projects 0 Releases 51 Wiki Activity
Browse Source

Document the settings used for DNS verification

pull/591/head
Tim Kimber 5 years ago
parent
96d987c07b
commit
d195235a7e
No known key found for this signature in database GPG Key ID: 3E1804964E76BD18
1 changed files with 15 additions and 8 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +15
    -8
      getssl

+ 15
- 8
getssl View File

@ -252,7 +252,6 @@ ACCOUNT_KEY_TYPE="rsa"
CA="https://acme-staging-v02.api.letsencrypt.org/directory"
CA_CERT_LOCATION=""
CHALLENGE_CHECK_TYPE="http"
CHECK_ALL_AUTH_DNS="false"
CHECK_REMOTE="true"
CHECK_REMOTE_WAIT=0
CODE_LOCATION="https://raw.githubusercontent.com/srvrco/getssl/master/getssl"
@ -260,10 +259,6 @@ CSR_SUBJECT="/"
CURL_USERAGENT="${PROGNAME}/${VERSION}"
DEACTIVATE_AUTH="false"
DEFAULT_REVOKE_CA="https://acme-v02.api.letsencrypt.org"
DNS_EXTRA_WAIT=60 # How long to wait after the DNS has updated before telling the ACME server to check.
DNS_WAIT_RETRY_ADD="false" # Try the dns_add_command again if the DNS record hasn't updated
DNS_WAIT=10 # How long to wait before checking the DNS record again
DNS_WAIT_COUNT=100 # How many times to wait for the DNS record to update
DOMAIN_KEY_LENGTH=4096
DUAL_RSA_ECDSA="false"
GETSSL_IGNORE_CP_PRESERVE="false"
@ -272,8 +267,6 @@ IGNORE_DIRECTORY_DOMAIN="false"
ORIG_UMASK=$(umask)
PREVIOUSLY_VALIDATED="true"
PRIVATE_KEY_ALG="rsa"
PUBLIC_DNS_SERVER=""
CHECK_PUBLIC_DNS_SERVER="true"
RELOAD_CMD=""
RENEW_ALLOW="30"
REUSE_PRIVATE_KEY="true"
@ -284,8 +277,22 @@ OCSP_MUST_STAPLE="false"
TEMP_UPGRADE_FILE=""
TOKEN_USER_ID=""
USE_SINGLE_ACL="false"
VALIDATE_VIA_DNS=""
WORKING_DIR_CANDIDATES=("/etc/getssl/" "${PROGDIR}/conf" "${PROGDIR}/.getssl" "${HOME}/.getssl")
# Variables used when validating using a DNS entry
VALIDATE_VIA_DNS="" # Set this to "true" to enable DNS validation
AUTH_DNS_SERVER="" # Use this DNS server to check the challenge token has been set
PUBLIC_DNS_SERVER="" # Use this DNS server to find the authoritative DNS servers for the domain
CHECK_ALL_AUTH_DNS="false" # Check the challenge token has been set on all authoritative DNS servers
CHECK_PUBLIC_DNS_SERVER="true" # Check the public DNS server as well as the authoritative DNS servers
DNS_ADD_COMMAND="" # Use this command/script to add the challenge token to the DNS entries for the domain
DNS_DEL_COMMAND="" # Use this command/script to remove the challenge token from the DNS entries for the domain
DNS_WAIT_COUNT=100 # How many times to wait for the DNS record to update
DNS_WAIT=10 # How long to wait before checking the DNS record again
DNS_EXTRA_WAIT=60 # How long to wait after the DNS entries are visible to us before telling the ACME server to check.
DNS_WAIT_RETRY_ADD="false" # Try the dns_add_command again if the DNS record hasn't updated
# Private variables
_CHECK_ALL=0
_CREATE_CONFIG=0
_FORCE_RENEW=0


Write Preview
Loading…
Cancel
Save