diff options
author | Neil Johnson <neil@matrix.org> | 2019-06-06 17:23:02 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-06 17:23:02 +0100 |
commit | 833c406b9b34392eb64780eeef6b670be762ea21 (patch) | |
tree | bdaae34b3fbaea7af8c7dadb205c37f173c926da /docs/MSC1711_certificates_FAQ.md | |
parent | Regen sample config before kicking off agents (#5370) (diff) | |
download | synapse-833c406b9b34392eb64780eeef6b670be762ea21.tar.xz |
Neilj/1.0 upgrade notes (#5371)
1.0 upgrade/install notes
Diffstat (limited to '')
-rw-r--r-- | docs/MSC1711_certificates_FAQ.md | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/docs/MSC1711_certificates_FAQ.md b/docs/MSC1711_certificates_FAQ.md index 37f7f669c9..599462bdcb 100644 --- a/docs/MSC1711_certificates_FAQ.md +++ b/docs/MSC1711_certificates_FAQ.md @@ -68,16 +68,14 @@ Admins should upgrade and configure a valid CA cert. Homeservers that require a .well-known entry (see below), should retain their SRV record and use it alongside their .well-known record. -**>= 5th March 2019 - Synapse 1.0.0 is released** +**10th June 2019 - Synapse 1.0.0 is released** -1.0.0 will land no sooner than 1 month after 0.99.0, leaving server admins one -month after 5th February to upgrade to 0.99.0 and deploy their certificates. In +1.0.0 is scheduled for release on 10th June. In accordance with the the [S2S spec](https://matrix.org/docs/spec/server_server/r0.1.0.html) 1.0.0 will enforce certificate validity. This means that any homeserver without a valid certificate after this point will no longer be able to federate with 1.0.0 servers. - ## Configuring certificates for compatibility with Synapse 1.0.0 ### If you do not currently have an SRV record @@ -146,9 +144,9 @@ You can do this with a `.well-known` file as follows: with Synapse 0.34 and earlier. 2. Give Synapse a certificate corresponding to the target domain - (`customer.example.net` in the above example). You can either use Synapse's - built-in [ACME support](./ACME.md) for this (via the `domain` parameter in - the `acme` section), or acquire a certificate yourself and give it to + (`customer.example.net` in the above example). You can either use Synapse's + built-in [ACME support](./ACME.md) for this (via the `domain` parameter in + the `acme` section), or acquire a certificate yourself and give it to Synapse via `tls_certificate_path` and `tls_private_key_path`. 3. Restart Synapse to ensure the new certificate is loaded. |