8a9ffc771d20915c2995d1b4fd34f12791d9cc0c
services/Distributed-Wiki.md
| ... | ... | @@ -79,15 +79,16 @@ gollum --css <path>/custom.css --gollum-path <path> --host 127.0.0.1 --port 456 |
| 79 | 79 | |
| 80 | 80 | #### SSL |
| 81 | 81 | |
| 82 | - - Generate a private key: |
|
| 82 | + - Setup your MNTNR according to [Automatic CA](https://internal.dn42/services/Automatic-CA) |
|
| 83 | + - Generate a [CSR](/services/Certificate-Authority) and send DNS Key Pin to [[email protected]](mailto:[email protected]): |
|
| 83 | 84 | |
| 84 | - `openssl genrsa -out wiki.key 4096` |
|
| 85 | - |
|
| 86 | - - Generate a [CSR](/services/Certificate-Authority) and send `wiki.csr` to [[email protected]](mailto:[email protected]): |
|
| 85 | +``` |
|
| 86 | +./ca.dn42 tls-gen wiki.dn42 <NAME>-MNT <email> DNS:wiki.dn42,DNS:www.wiki.dn42,DNS:internal.dn42,DNS:www.internal.dn42 |
|
| 87 | +``` |
|
| 87 | 88 | |
| 88 | - `openssl req -new -sha256 -key wiki.key -out wiki.csr` |
|
| 89 | + Wait for a reply and then sign the certificate: |
|
| 89 | 90 | |
| 90 | - Wait for a reply containing internal.dn42/wiki.dn42 certificate. |
|
| 91 | + `./ca.dn42 tls-sign wiki.dn42 MIC92-MNT` |
|
| 91 | 92 | |
| 92 | 93 | #### Header |
| 93 | 94 |