vh/rest-server
1
0
Fork 0
mirror of https://github.com/restic/rest-server.git synced 2025-12-06 17:15:45 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

README: propose a single openssl command instead of 2

Browse Source
This commit is contained in:
Clément Bœsch
2021-08-27 13:10:09 +02:00
parent f8db131226
commit ac8e95c8a4
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -94,8 +94,7 @@ By default the server uses HTTP protocol. This is not very secure since with Ba
Signed certificate is normally required by the restic backend, but if you just want to test the feature you can generate unsigned keys with the following commands:
```sh
openssl genrsa -out private_key 2048
openssl req -new -x509 -key private_key -out public_key -days 365 -addext "subjectAltName = IP:127.0.0.1,DNS:yourdomain.com"
openssl req -newkey rsa:2048 -x509 -keyout private_key -out public_key -days 365 -addext "subjectAltName = IP:127.0.0.1,DNS:yourdomain.com"
```
Omit the `IP:127.0.0.1` if you don't need your server be accessed via SSH Tunnels. No need to change default values in the openssl dialog, hitting enter every time is sufficient. To access this server via restic use `--cacert public_key`, meaning with a self-signed certificate you have to distribute your `public_key` file to every restic client.