From 69135494c634e7d6366ad461c907ee650938e516 Mon Sep 17 00:00:00 2001
From: Dennis Mo <staywithmo@163.com>
Date: Tue, 25 Aug 2020 14:05:09 +0800
Subject: [PATCH] =?UTF-8?q?nrserver=E4=B9=9F=E5=AE=89=E8=A3=85acme?=
 =?UTF-8?q?=E3=80=82=E6=9B=B4=E6=96=B0acme=E7=9A=84readme.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 acme/README.md | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/acme/README.md b/acme/README.md
index 68ada6b..af2c77f 100644
--- a/acme/README.md
+++ b/acme/README.md
@@ -50,6 +50,8 @@
 
 1. 复制证书：
 
+   场景1：
+
    mkdir -p /srv/certbot/conf/live/dev.woyue.org
 
    acme.sh --installcert -d dev.woyue.org -d *.dev.woyue.org \
@@ -57,8 +59,25 @@
    --fullchain-file /srv/certbot/conf/live/dev.woyue.org/fullchain.pem \
    --reloadcmd "docker restart nginxdocker_nginx_1"
 
+   场景2：
+
+   mkdir -p /srv/certbot/conf/live/nr.woyue.org
+
+   acme.sh --installcert -d nr.woyue.org -d *.nr.woyue.org \
+   --key-file /srv/certbot/conf/live/nr.woyue.org/privkey.pem \
+   --fullchain-file /srv/certbot/conf/live/nr.woyue.org/fullchain.pem \
+   --reloadcmd "docker restart nginx"
+
    注意，最后的nginxdocker_nginx_1为nginx容器的名称。请根据实际情况修改。**或不加此参数，手动重启nginx**。
 
 2. 生成：dhparams文件
 
-   openssl dhparam -out /srv/certbot/conf/ssl-dhparams.pem 2048
\ No newline at end of file
+   openssl dhparam -out /srv/certbot/conf/ssl-dhparams.pem 2048
+
+## 使用证书
+
+例如，要使用上述证书，则nginx的docker对应etc/letsencrypt的目录就是/srv/certbot/conf。比如说，conf文件里引用的密钥文件路径为：
+
+ssl_certificate /etc/letsencrypt/live/nr.woyue.org/fullchain.pem
+
+那么，docker mount的路径就应该是：-v /srv/certbot/conf:/etc/letsencrypt
\ No newline at end of file