On Tue, 15 Dec 2020 10:18:41 +0100 Solene Rapenne <sol...@perso.pw>: > This is a small change to acme-client(1) because I find > the explanation of -F flag not being obvious that you > need it when you add/remove an alternative name in your > domain config. > > Maybe wording could be better, if a native English > speaker could give it a look. > > ok? >
I added 's to domain and specified -F only works for new domains. While there, I propose to change the proposed crontab to once a day instead of every hour. The certificates can be renewed 1 full month before expiracy, I think trying to renew every hour is too much. Index: acme-client.1 =================================================================== RCS file: /home/reposync/src/usr.sbin/acme-client/acme-client.1,v retrieving revision 1.36 diff -u -p -r1.36 acme-client.1 --- acme-client.1 4 Nov 2020 10:34:18 -0000 1.36 +++ acme-client.1 16 Dec 2020 08:42:36 -0000 @@ -68,6 +68,9 @@ The options are as follows: .Bl -tag -width Ds .It Fl F Force certificate renewal, even if it's too soon. +This is required if new domain's alternatives names +were added to +.Xr acme-client.conf 5 . .It Fl f Ar configfile Specify an alternative configuration file. .It Fl n @@ -123,7 +126,7 @@ On renewal, .Xr httpd 8 is reloaded: .Bd -literal -offset indent -~ * * * * acme-client example.com && \e +~ ~ * * * acme-client example.com && \e rcctl reload httpd .Ed .Sh SEE ALSO