With this change private and public files are now separated by default.
certs/*
archive/*
accounts/*
-.acme-challenges/*
- Location of certs directory is now configurable via CERTDIR config variable
- signcsr command now also outputs chain certificate
- Location of account-key(s) changed
+- Default WELLKNOWN location is now `/var/www/letsencrypt`
## Added
- Added option to add CSR-flag indicating OCSP stapling to be mandatory
# Directory for account keys and registration information
#ACCOUNTDIR="${BASEDIR}/accounts"
-# Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: $BASEDIR/.acme-challenges)
-#WELLKNOWN="${BASEDIR}/.acme-challenges"
+# Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: /var/www/letsencrypt)
+#WELLKNOWN="/var/www/letsencrypt"
# Default keysize for private keys (default: 4096)
#KEYSIZE="4096"
[[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs"
[[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="${BASEDIR}/domains.txt"
- [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="${BASEDIR}/.acme-challenges"
+ [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/www/letsencrypt"
[[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock"
[[ -n "${PARAM_HOOK:-}" ]] && HOOK="${PARAM_HOOK}"