mirror of
https://github.com/thib8956/nginx-proxy
synced 2024-11-22 03:46:29 +00:00
Grammar/formatting
This commit is contained in:
parent
61c3933e0e
commit
50839742f2
12
README.md
12
README.md
@ -64,18 +64,18 @@ To enable SSL:
|
||||
The contents of `/path/to/certs` should contain the certificates and private keys for any virtual
|
||||
hosts in use. The certificate and keys should be named after the virtual host with a `.crt` and
|
||||
`.key` extension. For example, a container with `VIRTUAL_HOST=foo.bar.com` should have a
|
||||
`foo.bar.com.crt` and 'foo.bar.com.key' file in the certs directory.
|
||||
`foo.bar.com.crt` and `foo.bar.com.key` file in the certs directory.
|
||||
|
||||
#### Wildcard Certificates
|
||||
|
||||
Wildcard certificate and keys should be name after the domain name with a `.crt` and `.key` extension.
|
||||
For example `VIRTUAL_HOST=foo.bar.com` could also use cert name `bar.com.crt` and `bar.com.key`.
|
||||
Wildcard certificates and keys should be name after the domain name with a `.crt` and `.key` extension.
|
||||
For example `VIRTUAL_HOST=foo.bar.com` would use cert name `bar.com.crt` and `bar.com.key`.
|
||||
|
||||
#### SNI
|
||||
|
||||
If your certificate(s) supports multiple domain names, you can start a container with `CERT_NAME=<name>`
|
||||
to identify the certificate to be used. For example, a certificate for `*.foo.com` and `*.bar.com`
|
||||
could be name `shared.crt` and `shared.key`. A container running with `VIRTUAL_HOST=foo.bar.com`
|
||||
could be named `shared.crt` and `shared.key`. A container running with `VIRTUAL_HOST=foo.bar.com`
|
||||
and `CERT_NAME=shared` will then use this shared cert.
|
||||
|
||||
#### How SSL Support Works
|
||||
@ -92,6 +92,6 @@ is always preferred when available.
|
||||
* If the container does not have a usable cert, a 503 will be returned.
|
||||
|
||||
Note that in the latter case, a browser may get an connection error as no certificate is available
|
||||
to establish a connection. A self-signed or generic cert can be defined as "default.crt" and "default.key"
|
||||
which will allow a client browser to make a SSL connection (likely w/ a warning) and subsequently receive
|
||||
to establish a connection. A self-signed or generic cert named `default.crt` and `default.key`
|
||||
will allow a client browser to make a SSL connection (likely w/ a warning) and subsequently receive
|
||||
a 503.
|
Loading…
Reference in New Issue
Block a user