diff options
Diffstat (limited to 'docs/content/doc/usage/https-support.md')
| -rw-r--r-- | docs/content/doc/usage/https-support.md | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/docs/content/doc/usage/https-support.md b/docs/content/doc/usage/https-support.md index 756e11fd03..783d6d8037 100644 --- a/docs/content/doc/usage/https-support.md +++ b/docs/content/doc/usage/https-support.md @@ -60,6 +60,7 @@ If you are using Docker, make sure that this port is configured in your `docker- [ACME](https://tools.ietf.org/html/rfc8555) is a Certificate Authority standard protocol that allows you to automatically request and renew SSL/TLS certificates. [Let's Encrypt](https://letsencrypt.org/) is a free publicly trusted Certificate Authority server using this standard. Only `HTTP-01` and `TLS-ALPN-01` challenges are implemented. In order for ACME challenges to pass and verify your domain ownership, external traffic to the gitea domain on port `80` (`HTTP-01`) or port `443` (`TLS-ALPN-01`) has to be served by the gitea instance. Setting up [HTTP redirection](#setting-up-http-redirection) and port-forwards might be needed for external traffic to route correctly. Normal traffic to port `80` will otherwise be automatically redirected to HTTPS. **You must consent** to the ACME provider's terms of service (default Let's Encrypt's [terms of service](https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf)). Minimum setup using the default Let's Encrypt: + ```ini [server] PROTOCOL=https @@ -72,6 +73,7 @@ ACME_EMAIL=email@example.com ``` Minimumg setup using a [smallstep CA](https://github.com/smallstep/certificates), refer to [their tutorial](https://smallstep.com/docs/tutorials/acme-challenge) for more information. + ```ini [server] PROTOCOL=https |