Updated Home (markdown)
Roni Väyrynen
23
Home.md
23
Home.md
@@ -12,6 +12,29 @@ cp sample.xo-install.cfg xo-install.cfg
|
||||
|
||||
There's few different ways to enable HTTPS for Xen Orchestra.
|
||||
|
||||
* Let's Encrypt, automatically created by Xen Orchestra
|
||||
|
||||
Edit `xo-install.cfg` with your preferred text editor and make sure following variables are set:
|
||||
|
||||
```
|
||||
LETSENCRYPT="true"
|
||||
LETSENCRYPT_DOMAIN="your.domain.tld"
|
||||
```
|
||||
Additionally you can set `LETSENCRYPT_EMAIL="your@email.tld"` to receive notifications related to your certificate.
|
||||
|
||||
Enabling Let's Encrypt overwrites some other configuration options so that it works properly, these are:
|
||||
|
||||
PORT is set to 80
|
||||
AUTOCERT is set to true
|
||||
Certificate and Key paths are set to `./certificate.pem` and `./key.pem`, meaning they will be located in same directory with xo-server config.toml file.
|
||||
|
||||
Certificate will be generated when XO is accessed first time from browser with domain set in configuration. When this is done for the first time, the page will load slightly longer due to certificate being generated.
|
||||
|
||||
Check these if certificate generation doesn't work properly:
|
||||
|
||||
- XO instance needs to be publicly accessible with domain and ports 80/443 allowed for certificate generation to work.
|
||||
- If certificate/key paths were set before and there are existing files, XO won't generate a new Let's Encrypt certificate. Stop xo-server, remove/rename these files and restart xo-server.
|
||||
|
||||
|
||||
* Self-signed certificate, automatically created by Xen Orchestra
|
||||
|
||||
|
||||
Reference in New Issue
Block a user