mirror of
https://github.com/go-acme/lego.git
synced 2025-01-18 12:30:36 +02:00
docs: add documentation for env var only options (#2337)
This commit is contained in:
parent
2b08b83adf
commit
06dfe51e17
@ -85,3 +85,60 @@ In these cases, you can instruct Lego to use a different DNS resolver, using the
|
|||||||
You should prefer one on the public internet, otherwise you might be susceptible to the same problem.
|
You should prefer one on the public internet, otherwise you might be susceptible to the same problem.
|
||||||
|
|
||||||
[^apex]: The apex domain is the domain you have registered with your domain registrar. For gTLDs (`.com`, `.fyi`) this is the 2nd level domain, but for ccTLDs, this can either be the 2nd level (`.de`) or 3rd level domain (`.co.uk`).
|
[^apex]: The apex domain is the domain you have registered with your domain registrar. For gTLDs (`.com`, `.fyi`) this is the 2nd level domain, but for ccTLDs, this can either be the 2nd level (`.de`) or 3rd level domain (`.co.uk`).
|
||||||
|
|
||||||
|
## Other options
|
||||||
|
|
||||||
|
### LEGO_CA_CERTIFICATES
|
||||||
|
|
||||||
|
The environment variable `LEGO_CA_CERTIFICATES` allows to specify the path to PEM-encoded CA certificates
|
||||||
|
that can be used to authenticate an ACME server with an HTTPS certificate not issued by a CA in the system-wide trusted root list.
|
||||||
|
|
||||||
|
Multiple file paths can be added by using `:` (unix) or `;` (Windows) as a separator.
|
||||||
|
|
||||||
|
Example:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# On Unix system
|
||||||
|
LEGO_CA_CERTIFICATES=/foo/cert1.pem:/foo/cert2.pem
|
||||||
|
```
|
||||||
|
|
||||||
|
### LEGO_CA_SYSTEM_CERT_POOL
|
||||||
|
|
||||||
|
The environment variable `LEGO_CA_SYSTEM_CERT_POOL` can be used to define if the certificates pool must use a copy of the system cert pool.
|
||||||
|
|
||||||
|
Example:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
LEGO_CA_SYSTEM_CERT_POOL=true
|
||||||
|
```
|
||||||
|
|
||||||
|
### LEGO_CA_SERVER_NAME
|
||||||
|
|
||||||
|
The environment variable `LEGO_CA_SERVER_NAME` allows to specify the CA server name used to authenticate an ACME server
|
||||||
|
with an HTTPS certificate not issued by a CA in the system-wide trusted root list.
|
||||||
|
|
||||||
|
Example:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
LEGO_CA_SERVER_NAME=foo
|
||||||
|
```
|
||||||
|
|
||||||
|
### LEGO_DISABLE_CNAME_SUPPORT
|
||||||
|
|
||||||
|
By default, lego follows CNAME, the environment variable `LEGO_DISABLE_CNAME_SUPPORT` allows to disable this support.
|
||||||
|
|
||||||
|
Example:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
LEGO_DISABLE_CNAME_SUPPORT=false
|
||||||
|
```
|
||||||
|
|
||||||
|
### LEGO_DEBUG_CLIENT_VERBOSE_ERROR
|
||||||
|
|
||||||
|
The environment variable `LEGO_DEBUG_CLIENT_VERBOSE_ERROR` allows to enrich error messages from some of the DNS clients.
|
||||||
|
|
||||||
|
Example:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
LEGO_DEBUG_CLIENT_VERBOSE_ERROR=true
|
||||||
|
```
|
||||||
|
Loading…
Reference in New Issue
Block a user