A WordPress plugin to manage site specific TLS certificates on the WSUWP Platform.
WSUWP TLS maintains a list of domains awaiting TLS configuration on a multisite/multinetwork instance of WordPress through options stored in the primary site's
wp_options table. A process is available for generating a domain's CSR and private key, uploading a matching certificate, creating an nginx server block, and in general—keeping track of the flow.
To take full advantage of the plugin by default, the following directories should be available and writeable by the user running WordPress:
/home/www-data/- filtered through
/home/www-data/pending-cert/- filtered through
/home/www-data/to-deploy/- filtered through
/home/www-data/deployed/- filtered through
/home/www-data/complete/- filtered through
An nginx configuration file will be generated in the staging directory (see above) with the server block(s) for the domain:
04_generated_config.conf- filtered through
Matching deployment scripts should be created on the server, likely run via cron, to manage the deployment of certificates.
- On CSR and key generation,
.keyfiles will be in the pending certificate directory.
- Once a certificate for the domain is uploaded, the matching
.keyfile and the uploaded
.cerfile will be moved by the plugin to the to deploy directory.
- At this point a cron script should manage the deployment of the
.cer, and nginx config files to their proper locations.
- Once deployed, the cron script should move the
.cerfiles to the deployed directory.
- Files will be moved from the deployed directory to the complete directory via the "Remove" action in the interface after confirmation of the working TLS config.