Clearly state built-in ACME no longer works (#7824)
I'm tempted to remove this section entirely, but it's helpful for admins who are trying to figure out why their Synapse is crashing on start with ACME errors. Signed-off-by: Luke W Faraone <luke@faraone.cc>pull/7844/head
parent
f886a69916
commit
93c8b077ed
12
INSTALL.md
12
INSTALL.md
|
@ -405,13 +405,11 @@ so, you will need to edit `homeserver.yaml`, as follows:
|
||||||
```
|
```
|
||||||
|
|
||||||
* You will also need to uncomment the `tls_certificate_path` and
|
* You will also need to uncomment the `tls_certificate_path` and
|
||||||
`tls_private_key_path` lines under the `TLS` section. You can either
|
`tls_private_key_path` lines under the `TLS` section. You will need to manage
|
||||||
point these settings at an existing certificate and key, or you can
|
provisioning of these certificates yourself — Synapse had built-in ACME
|
||||||
enable Synapse's built-in ACME (Let's Encrypt) support. Instructions
|
support, but the ACMEv1 protocol Synapse implements is deprecated, not
|
||||||
for having Synapse automatically provision and renew federation
|
allowed by LetsEncrypt for new sites, and will break for existing sites in
|
||||||
certificates through ACME can be found at [ACME.md](docs/ACME.md).
|
late 2020. See [ACME.md](docs/ACME.md).
|
||||||
Note that, as pointed out in that document, this feature will not
|
|
||||||
work with installs set up after November 2019.
|
|
||||||
|
|
||||||
If you are using your own certificate, be sure to use a `.pem` file that
|
If you are using your own certificate, be sure to use a `.pem` file that
|
||||||
includes the full certificate chain including any intermediate certificates
|
includes the full certificate chain including any intermediate certificates
|
||||||
|
|
Loading…
Reference in New Issue