diff options
| author | Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> | 2019-03-13 15:26:29 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-03-13 15:26:29 +0000 |
| commit | 7998ca3a6616653fe8b76da3d7fd3c91d0d9597e (patch) | |
| tree | d02ffdd21d7be9c6eea5dc88146ffc22f9d8e713 /INSTALL.md | |
| parent | Merge branch 'master' of github.com:matrix-org/synapse into develop (diff) | |
| download | synapse-7998ca3a6616653fe8b76da3d7fd3c91d0d9597e.tar.xz | |
Document using a certificate with a full chain (#4849)
Diffstat (limited to 'INSTALL.md')
| -rw-r--r-- | INSTALL.md | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/INSTALL.md b/INSTALL.md index 76833e0f8c..de6893530d 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -375,9 +375,13 @@ To configure Synapse to expose an HTTPS port, you will need to edit * You will also need to uncomment the `tls_certificate_path` and `tls_private_key_path` lines under the `TLS` section. You can either point these settings at an existing certificate and key, or you can - enable Synapse's built-in ACME (Let's Encrypt) support. Instructions + enable Synapse's built-in ACME (Let's Encrypt) support. Instructions for having Synapse automatically provision and renew federation - certificates through ACME can be found at [ACME.md](docs/ACME.md). + certificates through ACME can be found at [ACME.md](docs/ACME.md). If you + are using your own certificate, be sure to use a `.pem` file that includes + the full certificate chain including any intermediate certificates (for + instance, if using certbot, use `fullchain.pem` as your certificate, not + `cert.pem`). For those of you upgrading your TLS certificate in readiness for Synapse 1.0, please take a look at `our guide <docs/MSC1711_certificates_FAQ.md#configuring-certificates-for-compatibility-with-synapse-100>`_. |