Mention that using Synapse to serve certificates requires restarts

This commit is contained in:
Brendan Abolivier 2020-02-12 21:05:30 +00:00
parent e88a5dd108
commit 459d089af7
No known key found for this signature in database
GPG Key ID: 1E015C145F1916CD
1 changed files with 3 additions and 1 deletions

View File

@ -35,7 +35,9 @@ In case you can't do that and need Synapse to serve them itself, make
sure to set the `tls_certificate_path` configuration setting to the path
of the certificate (make sure to use the certificate containing the full
certification chain, e.g. `fullchain.pem` if using certbot) and
`tls_private_key_path` to the path of the matching private key.
`tls_private_key_path` to the path of the matching private key. Note
that in this case you will need to restart Synapse after each
certificate renewal so that Synapse stops using the old certificate.
If you still want to use Synapse's built-in ACME support, the rest of
this document explains how to set it up.