Skip to content

Commit 8640038

Browse files
authored
[skip ci] Multi-domains certificates examples (#640)
fix #613
1 parent 004e98b commit 8640038

File tree

2 files changed

+17
-3
lines changed

2 files changed

+17
-3
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ Please note that **letsencrypt-nginx-proxy-companion** no longer supports ACME v
1414
* Automated creation/renewal of Let's Encrypt (or other ACME CAs) certificates using [**simp_le**](https://github.com/zenhack/simp_le).
1515
* Let's Encrypt / ACME domain validation through `http-01` challenge only.
1616
* Automated update and reload of nginx config on certificate creation/renewal.
17-
* Support creation of Multi-Domain (SAN) Certificates.
17+
* Support creation of [Multi-Domain (SAN) Certificates](https://github.com/nginx-proxy/docker-letsencrypt-nginx-proxy-companion/blob/master/docs/Let's-Encrypt-and-ACME.md#multi-domains-certificates).
1818
* Creation of a Strong Diffie-Hellman Group at startup.
1919
* Work with all versions of docker.
2020

docs/Let's-Encrypt-and-ACME.md

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,12 +6,26 @@
66

77
As described on [basic usage](./Basic-usage.md), the `LETSENCRYPT_HOST` environment variables needs to be declared in each to-be-proxied application containers for which you want to enable SSL and create certificate. It most likely needs to be the same as the `VIRTUAL_HOST` variable and must resolve to your host (which has to be publicly reachable).
88

9-
Specify multiple hosts with a comma delimiter to create multi-domain ([SAN](https://www.digicert.com/subject-alternative-name.htm)) certificates (the first domain in the list will be the base domain).
10-
119
The following environment variables are optional and parametrize the way the Let's Encrypt client works.
1210

1311
### per proxyed container
1412

13+
#### Multi-domains certificates
14+
15+
Specify multiple hosts with a comma delimiter to create multi-domains ([SAN](https://www.digicert.com/subject-alternative-name.htm)) certificates (the first domain in the list will be the base domain).
16+
17+
Example:
18+
19+
```shell
20+
$ docker run --detach \
21+
--name your-proxyed-app \
22+
--env "VIRTUAL_HOST=yourdomain.tld,www.yourdomain.tld,anotherdomain.tld" \
23+
--env "LETSENCRYPT_HOST=yourdomain.tld,www.yourdomain.tld,anotherdomain.tld" \
24+
nginx
25+
```
26+
27+
Let's Encrypt has a limit of [100 domains per certificate](https://letsencrypt.org/fr/docs/rate-limits/), while Buypass limit is [15 domains per certificate](https://www.buypass.com/ssl/products/go-ssl-campaign).
28+
1529
#### Automatic certificate renewal
1630
Every hour (3600 seconds) the certificates are checked and per default every certificate that will expire in the next [30 days](https://github.com/zenhack/simp_le/blob/a8a8013c097910f8f3cce046f1077b41b745673b/simp_le.py#L73) (90 days / 3) is renewed.
1731

0 commit comments

Comments
 (0)