Commit 0a512e60 authored by Oyvind.Gjesdal's avatar Oyvind.Gjesdal
Browse files

add documentation for setting certificates

parent d7b25896
......@@ -36,6 +36,17 @@ vhost.ssl_type: "certbot|uib" #default certbot
vhost.http_only_extra_parameters ()
vhost.ssl (undef, true if ssl to be used)
## UiB SSL
When you run a playbook with `ssl_type: uib`, the server forwards a tempate to `serveradmin` by mail (if mail is available on the server).
The content can be added to hjelp.uib.no to receive a certificate from cert-manager.com (in 2020-11).
Two of the urls from one of the emails should be added to (vaulted) variables.
* as Certificate only, PEM encoded
* as Root/Intermediate(s) only, PEM encoded
Ad dto vhost, see the example below.
## Example playbook
```
......@@ -58,6 +69,8 @@ vhost.ssl (undef, true if ssl to be used)
ProxyPass /example.dtd http://localhost:8080/service/example.dtd
ssl: true
ssl_type: "uib|letsencrypt" # default letsencrypt if empty
certificate_interm_only_url: "{{ eksempel_no_interm_only_url }}" # only when ssl_type uib
certificate_only_url: "{{ eksempel_no_cert_only_url }}" # oly when ssl_type uib
become: true
tags:
- httpd
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment