Remove the special emphasis of "RSA" because EC keys are working too

author: Thomas Lange <code@nerdmind.de> 2018-05-20 17:55:39 +0200
committer: Thomas Lange <code@nerdmind.de> 2018-05-20 17:55:39 +0200
commit: 7155b9765422cc0bbd54824acdf6d5fa1836c2a2 (patch)
tree: 8e6c97983419fb52934fd7e5c8e44fdde8bba0f1
parent: f380c7b264ab0ea0d1edfc2fa37082be5bc949c2 (diff)
download: painlessle-7155b9765422cc0bbd54824acdf6d5fa1836c2a2.tar.gz
painlessle-7155b9765422cc0bbd54824acdf6d5fa1836c2a2.tar.xz
painlessle-7155b9765422cc0bbd54824acdf6d5fa1836c2a2.zip
2 files changed, 7 insertions, 7 deletions
diff --git a/painless-le.sh b/painless-le.sh
index 9b265a4..48d65ed 100755
--- a/painless-le.sh
+++ b/painless-le.sh
@@ -5,12 +5,12 @@
 #                                                                              #
 # Easily get an X.509 certificate from the Let's Encrypt Certificate Authority #
 # for a bunch of hostnames without having an HTTP server installed. The script #
-# assumes that you have an existing RSA private key stored within your desired #
+# assumes that you have an existing private key stored within your desired     #
 # install directory (with the filename which is defined in "${CONFIDENTIAL}"). #
 #                                                                              #
 # OPTION [-i]: Full path to the install directory for the certificates.        #
 # OPTION [-h]: List of hostnames for the certificate: example.org[:...]        #
-# OPTION [-K]: Filename for the existing RSA private key relative to [-i]      #
+# OPTION [-K]: Filename for the existing private key relative to [-i]          #
 # OPTION [-I]: Target filename for the intermediate cert relative to [-i]      #
 # OPTION [-C]: Target filename for the certificate only file relative to [-i]  #
 # OPTION [-F]: Target filename for the certificate full file relative to [-i]  #
diff --git a/readme.md b/readme.md
index c07d115..98b2d66 100644
--- a/readme.md
+++ b/readme.md
@@ -1,5 +1,5 @@
 # PainlessLE: Let's Encrypt Certificate Issuing
-Painless issuing a single [X.509 certificate](https://tools.ietf.org/html/rfc5280) for a bunch of hostnames from the **Let's Encrypt** Certification Authority (CA) without having an HTTP server installed (or for those people who do not want to touch their HTTP web directories and place a specific file to accomplish the ACME challenge). PainlessLE assumes that there is already a manually created RSA private key which is used for the Certificate-Signing-Request (CSR) by OpenSSL. The location for the RSA private key is defined within the `"CONFIDENTIAL"` variable and the path should exist with the correct UNIX file permissions.
+Painless issuing a single [X.509 certificate](https://tools.ietf.org/html/rfc5280) for a bunch of hostnames from the **Let's Encrypt** Certification Authority (CA) without having an HTTP server installed (or for those people who do not want to touch their HTTP web directories and place a specific file to accomplish the ACME challenge). PainlessLE assumes that there is already a manually created private key which is used for the Certificate-Signing-Request (CSR) by OpenSSL. The location for the private key is defined within the `"CONFIDENTIAL"` variable and the path should exist with the correct UNIX file permissions.
 
 ## Requirements
 The [Certbot client](https://certbot.eff.org/) must be installed on your machine because PainlessLE uses this piece of software to communicate over the [ACME protocol](https://tools.ietf.org/html/draft-ietf-acme-acme-01) with the ACME endpoint of Let's Encrypt and runs the ACME challenge. There are no known further requirements for using PainlessLE on Debian GNU/Linux at this time.
@@ -10,18 +10,18 @@ Change the `LETSENCRYPT_ENDPOINT` to the address of the ACME staging API for tes
 ## Arguments
 
 ### Required command-line options:
-* `[-i]`: Contains a string with the directory path where the certificates should be installed. This directory should already contain a manually created RSA private key (filename can be overwritten by providing the `[-K]` option) for the Certificate-Signing-Request (CSR). It's always a good idea to handle the RSA private keys manually because you may use [HTTP Public-Key-Pinning (HPKP)](https://tools.ietf.org/html/rfc7469) so that you must ensure, that the RSA private key does not change.
+* `[-i]`: Contains a string with the directory path where the certificates should be installed. This directory should already contain a manually created private key (filename can be overwritten by providing the `[-K]` option) for the Certificate-Signing-Request (CSR). It's always a good idea to handle the private keys manually because you may use [HTTP Public-Key-Pinning (HPKP)](https://tools.ietf.org/html/rfc7469) so that you must ensure, that the private key does not change.
 
 * `[-h]`: Contains a colon (`:`) separated string with the DNS hostnames to include within the certificate. The string must be formatted as follows, without containing colons anywhere except **between** the hostnames: `example.org:blog.example.org:shop.example.org`
 
 ### Additional command-line options:
-* `[-K]`: Filename for the existing RSA private key relative to `[-i]`
+* `[-K]`: Filename for the existing private key relative to `[-i]`
 * `[-I]`: Target filename for the intermediate certificate relative to `[-i]`
 * `[-C]`: Target filename for the certificate only file relative to `[-i]`
 * `[-F]`: Target filename for the certificate full fiĺe relative to `[-i]`
 
 ## Example
-Lets assume that you want to get a single X.509 certificate from the Let's Encrypt CA which includes three hostnames of your domain `example.org` (main domain, blog subdomain and shop subdomain). You already have an RSA private key with the correct UNIX file permissions stored within the following example directory with the name `confidential.pem`:
+Lets assume that you want to get a single X.509 certificate from the Let's Encrypt CA which includes three hostnames of your domain `example.org` (main domain, blog subdomain and shop subdomain). You already have an private key with the correct UNIX file permissions stored within the following example directory with the name `confidential.pem`:
 
 	/etc/painless-le/example.org/
 	└── [-rw-r----- user     group    ]  confidential.pem
@@ -38,4 +38,4 @@ The certbot client will now contact the ACME challenge servers and runs a tempor
 	├── [-rw-r----- user     group    ]  confidential.pem
 	└── [-rw-r----- user     group    ]  intermediate.pem
 
-**Note:** The new certificates inherit the UNIX file permissions (**chmod** and **chown**) of the RSA private key `confidential.pem`!
-\ No newline at end of file
+**Note:** The new certificates inherit the UNIX file permissions (**chmod** and **chown**) of the private key `confidential.pem`!
+\ No newline at end of file
author	Thomas Lange <code@nerdmind.de>	2018-05-20 17:55:39 +0200
committer	Thomas Lange <code@nerdmind.de>	2018-05-20 17:55:39 +0200
commit	7155b9765422cc0bbd54824acdf6d5fa1836c2a2 (patch)
tree	8e6c97983419fb52934fd7e5c8e44fdde8bba0f1
parent	f380c7b264ab0ea0d1edfc2fa37082be5bc949c2 (diff)
download	painlessle-7155b9765422cc0bbd54824acdf6d5fa1836c2a2.tar.gz painlessle-7155b9765422cc0bbd54824acdf6d5fa1836c2a2.tar.xz painlessle-7155b9765422cc0bbd54824acdf6d5fa1836c2a2.zip