You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ic...@apache.org on 2018/01/14 11:47:21 UTC

svn commit: r1821095 - /httpd/httpd/trunk/docs/manual/mod/mod_md.xml

Author: icing
Date: Sun Jan 14 11:47:21 2018
New Revision: 1821095

URL: http://svn.apache.org/viewvc?rev=1821095&view=rev
Log:
mod_md manual: updated version and added note about current port requirements

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_md.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_md.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_md.xml?rev=1821095&r1=1821094&r2=1821095&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_md.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_md.xml Sun Jan 14 11:47:21 2018
@@ -29,7 +29,7 @@
     <status>Extension</status>
     <sourcefile>mod_md.c</sourcefile>
     <identifier>md_module</identifier>
-    <compatibility>Available in version 2.5.0 and later</compatibility>
+    <compatibility>Available in version 2.4.30 and later</compatibility>
     <summary>
         <p>
         This module manages common properties of domains for one or more virtual hosts. 
@@ -58,7 +58,7 @@ MDomain example.org
     DocumentRoot htdocs/a
 
     SSLEngine on
-    # no certificates specification needed!
+    # no certificates specification
 &lt;/VirtualHost&gt;
         </highlight>
         <p>
@@ -75,6 +75,30 @@ MDomain example.org
         </p>
         </note>
 
+        <note><title>Prerequisites</title>
+        <p>
+            This module requires <module>mod_watchdog</module> to be loaded as well.
+        </p><p>
+            Certificate signup and renewal with Let's Encrypt requires your server to be
+            reachable on port 80 (http:) from the outside. The alternative method over
+            port 443 (https:) is currently disabled for security reasons (status from
+            2018-01-14).
+        </p><p>
+            The module will select from the methods offered by Let's Encrypt. If LE decides
+            at one point in the future, to re-enable it again, <module>mod_md</module> will
+            use it when suitable.
+        </p><p>
+            But for now, only the port 80 variant is available (termed "http-01"). Only
+            when LE can reach your server on port 80 will <module>mod_md</module> work for
+            you. For now, at least.
+        </p><p>
+            If you do not want to offer any sites on port 80 any more, you may leave it open
+            and redirect all requests to your https: sites instead. Use the
+            <directive module="mod_md">MDRequireHttps</directive> described below to do
+            that in a convenient fashion. This will continue to answer http: challenges
+            from Let's Encrypt. 
+        </p>
+        </note>
     </summary>
     
     <directivesynopsis>