generated from bisco/codex-bootstrap
fix: replace staging certificate on production switch
This commit is contained in:
+4
-2
@@ -44,8 +44,10 @@ caller and it overwrites `X-Forwarded-*` headers.
|
||||
For direct TLS, public DNS and inbound ports 80/443 must reach NGINX. Start with
|
||||
`LETSENCRYPT_STAGING=1` and set `WP_URL` to the final HTTPS URL. Application HTTP
|
||||
returns 503 until a certificate exists, then redirects to HTTPS. Switch to the
|
||||
production CA only after validating DNS and firewall behavior, removing only the
|
||||
staging certificate directory when necessary.
|
||||
production CA only after validating DNS and firewall behavior. When
|
||||
`LETSENCRYPT_STAGING` changes from `1` to `0`, recreate the Certbot container; it
|
||||
removes an existing staging certificate for the configured domain before requesting the
|
||||
production certificate.
|
||||
|
||||
## State and rollback
|
||||
|
||||
|
||||
Reference in New Issue
Block a user