diff options
author | rsiddharth <s@ricketyspace.net> | 2020-02-03 17:32:44 -0500 |
---|---|---|
committer | rsiddharth <s@ricketyspace.net> | 2020-02-03 17:32:44 -0500 |
commit | e084c0e36a70e3d38ef888926bb75fbd37e85d4c (patch) | |
tree | 830a8190d6f8e8e6b441d02061f3c09f6ae8ac98 | |
parent | 2970792bc8d3c83bf75e13d8948a3392d18a5777 (diff) |
README.md: Update introduction.
The ACME v2 of the sign_csr.py and revoke_crt.py require the user
account private key.
-rw-r--r-- | README.md | 10 |
1 files changed, 4 insertions, 6 deletions
@@ -16,12 +16,10 @@ it signed. The script goes through the [ACME protocol](https://github.com/ietf-w with the Let's Encrypt certificate authority and outputs the signed certificate to stdout. -This script doesn't know or ask for your private key, and it doesn't need to be -run on your server. There are some parts of the ACME protocol that require your -private key and access to your server. For those parts, this script prints out -very minimal commands for you to run to complete the requirements. There is only -one command that needs to be run as root on your server and it is a very simple -python https server that you can inspect for yourself before you run it. +This script is meant to be run on your computer locally. It requires you to pass +your account private key. If the account private key is encrypted, openssl will +directly ask for the passphrase each time the private key is needed to sign +requests or data. ## Table of Contents |