mirror of
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git
synced 2025-10-13 20:11:19 -04:00
Use Manager.HTTPHandler for automatic TLS support.
This is needed since the recent removal of the TLS-SNI challenge types. https://community.letsencrypt.org/t/tls-sni-challenges-disabled-for-most-new-issuance/50316 The HTTP-01 challenge type requires an additional listener on port 80.
This commit is contained in:
David Fifield
parent
9ab8ea3df4
commit
fcc274ac68
2 changed files with 7 additions and 2 deletions
|
|
@ -35,14 +35,15 @@ using the `--acme-email` option,
|
|||
so that Let's Encrypt can inform you of any problems.
|
||||
|
||||
In order to fetch certificates automatically,
|
||||
the server needs to be listening on port 443 (the default).
|
||||
the server needs to open an additional HTTP listener on port 80.
|
||||
On Linux, you can use the `setcap` program,
|
||||
part of libcap2, to enable the broker to bind to low-numbered ports
|
||||
without having to run as root:
|
||||
```
|
||||
setcap 'cap_net_bind_service=+ep' /usr/local/bin/broker
|
||||
```
|
||||
You can control the listening port with the --addr option.
|
||||
You can control the listening broker port with the --addr option.
|
||||
Port 443 is the default.
|
||||
|
||||
You'll need to provide the URL of the custom broker
|
||||
to the client plugin using the `--url $URL` flag.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue