NixOS Wiki

ACME: Difference between revisions

← Older editNewer edit →
VisualWikitext
mNo edit summary
Undo revision 23637 by Scotch7881 (talk)
Tag: Undo
Line 1: Line 1:
NixOS 支持通过 ACME 协议实现自动域名验证、证书获取及续期。可以使用任何服务提供商,但 NixOS 默认使用 Let's Encrypt。底层使用的是替代 ACME 客户端 lego。
NixOS supports automatic domain validation & certificate retrieval and renewal using the ACME protocol. Any provider can be used, but by default NixOS uses Let's Encrypt. The alternative ACME client [https://go-acme.github.io/lego/ lego] is used under the hood.


== Setup ==
== Setup ==
=== DNS-01 Challenge ===
=== DNS-01 Challenge ===
下面的示例设置通过DNS验证生成证书。需接受 [https://letsencrypt.org/repository/ Let's Encrypt ToS] 的服务条款(ToS)。同时,指定联系邮箱为<code>admin+acme@example.com</code>
Following example setup generates certificates using DNS validation. [https://letsencrypt.org/repository/ Let's Encrypt ToS] has to be accepted. Further the contact mail <code>admin+acme@example.com</code> is defined.


<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
Retrieved from "https://wiki.nixos.org/wiki/ACME"