On 04.11.2015 21:57, Holger Weiß wrote: > * Paul Muster <p...@muster.net> [2015-11-04 21:21]:
>> It's especially _necessary_ to split key, cert and chain to different >> files to be able to use Let's Encrypt certificates. > > I haven't played with Let's Encrypt yet, but I guess you could just run > > $ cat key.pem cert.pem chain.pem > ejabberd.pem > > after doing whatever has to be done to maintain their certificates, no? Yes, but this has to be done _every time_ the 'Let's Encrypt agent' updates the cert - a use case which should happen without admin's involvement. Better wording: It's especially _necessary_ to split key, cert and chain to different files to be able to use Let's Encrypt's certificate renewal machanism. Greetings, Paul
smime.p7s
Description: S/MIME Cryptographic Signature