|
|
@@ -34,6 +34,18 @@ this script likely isn't for you! Please use the official Let's Encrypt
|
|
|
openssl genrsa 4096 > account.key
|
|
|
```
|
|
|
|
|
|
+#### Use existing Let's Encrypt key
|
|
|
+
|
|
|
+Alternatively you can convert your key, previously generated by the original
|
|
|
+Let's Encrypt client.
|
|
|
+
|
|
|
+The private account key from the Let's Encrypt client is saved in the
|
|
|
+[JWK](https://tools.ietf.org/html/rfc7517) format. `acme-tiny` is using the PEM
|
|
|
+key format. To convert the key, you can use the tool
|
|
|
+[pem-jwk](https://github.com/dannycoates/pem-jwk):
|
|
|
+
|
|
|
+ $ pem-jwk /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/<id>/private_key.json > account.key
|
|
|
+
|
|
|
### Step 2: Create a certificate signing request (CSR) for your domains.
|
|
|
|
|
|
The ACME protocol (what Let's Encrypt uses) requires a CSR file to be submitted
|
|
|
@@ -182,4 +194,3 @@ anyone who wants to run it.
|
|
|
|
|
|
If you want to add features for your own setup to make things easier for you,
|
|
|
please do! It's open source, so feel free to fork it and modify as necessary.
|
|
|
-
|
Andreas Pfohl