From: Stefan Eissing Date: Sun, 14 Jan 2018 11:48:22 +0000 (+0000) Subject: On the 2.4.x branch: X-Git-Tag: 2.4.30~140 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ed3f90283651454c12132984945972ac18dadb13;p=apache On the 2.4.x branch: Merge of r1821095 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1821096 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/mod_md.xml b/docs/manual/mod/mod_md.xml index 9f17eb10e1..2d217d0c1d 100644 --- a/docs/manual/mod/mod_md.xml +++ b/docs/manual/mod/mod_md.xml @@ -29,7 +29,7 @@ Extension mod_md.c md_module - Available in version 2.5.0 and later + Available in version 2.4.30 and later

This module manages common properties of domains for one or more virtual hosts. @@ -58,7 +58,7 @@ MDomain example.org DocumentRoot htdocs/a SSLEngine on - # no certificates specification needed! + # no certificates specification </VirtualHost>

@@ -75,6 +75,30 @@ MDomain example.org

+ Prerequisites +

+ This module requires mod_watchdog to be loaded as well. +

+ Certificate signup and renewal with Let's Encrypt requires your server to be + reachable on port 80 (http:) from the outside. The alternative method over + port 443 (https:) is currently disabled for security reasons (status from + 2018-01-14). +

+ The module will select from the methods offered by Let's Encrypt. If LE decides + at one point in the future, to re-enable it again, mod_md will + use it when suitable. +

+ But for now, only the port 80 variant is available (termed "http-01"). Only + when LE can reach your server on port 80 will mod_md work for + you. For now, at least. +

+ If you do not want to offer any sites on port 80 any more, you may leave it open + and redirect all requests to your https: sites instead. Use the + MDRequireHttps described below to do + that in a convenient fashion. This will continue to answer http: challenges + from Let's Encrypt. +

+