3 лет назад · 91dfa501f8
--- a/docs/howto/lets-encrypt-certificate.md
+++ b/docs/howto/lets-encrypt-certificate.md
@@ -17,9 +17,11 @@ In this tutorial we'll focus on `HTTP-01` challenge type and make the following
 
				 - we need a TLS certificate for the `sftpgo.com` domain
			
 
				 - we have an existing web server already running on port `80` for the `sftpgo.com` domain and the web root path is `/var/www/sftpgo.com`
			
 
				 
			
 
				+## Overview
			
 
				+
			
 
				 - [Obtaining a certificate using the Lego CLI tool](#Obtaining-a-certificate-using-the-Lego-CLI-tool)
			
 
				   - [Automatic certificate renewal using the Lego CLI tool](#Automatic-certificate-renewal-using-the-Lego-CLI-tool)
			
 
				-- [## Obtaining a certificate using the ACME protocol built into SFTPGo](#Obtaining-a-certificate-using-the-ACME-protocol-built-into-SFTPGo)
			
 
				+- [Obtaining a certificate using the ACME protocol built into SFTPGo](#Obtaining-a-certificate-using-the-ACME-protocol-built-into-SFTPGo)
			
 
				 - [Enable HTTPS for SFTPGo Web UI and REST API](#Enable-HTTPS-for-SFTPGo-Web-UI-and-REST-API)
			
 
				 - [Enable HTTPS for WebDAV service](#Enable-HTTPS-for-WebDAV-service)
			
 
				 - [Enable explicit FTP over TLS](#Enable-explicit-FTP-over-TLS)
			
@@ -139,13 +141,13 @@ Open the SFTPGo configuration file, search for the `acme` section and change it
 
				 Make sure that the `sftpgo` user can write to the `/var/www/sftpgo.com` directory or pre-create the `/var/www/sftpgo.com/.well-known/acme-challenge` directory with the appropriate permissions.
			
 
				 This directory must be publicly served by your web server.
			
 
				 
			
 
				-Register your account and obtain the certificates with the following command.
			
 
				+Register your account and obtain certificates by running the following command as the root user.
			
 
				 
			
 
				 ```bash
			
 
				-sftpgo acme run -c /etc/sftpgo
			
 
				+su - sftpgo -s /bin/bash -c 'sftpgo acme run -c /etc/sftpgo'
			
 
				 ```
			
 
				 
			
 
				-If this command completes successfully, you are done. The SFTPGo service will take care of the automatic renewal of certificates for the configured domains.
			
 
				+If this command completes successfully, you are done. The SFTPGo service will take care of the automatic renewal of certificates for the configured domains. Make sure that the `sftpgo` system user can read and write to `/var/lib/sftpgo/certs` directory otherwise the certificate renewal will fail.
			
 
				 
			
 
				 ## Enable HTTPS for SFTPGo Web UI and REST API
			
 
				 
			
--- a/tests/ipfilter/go.mod
+++ b/tests/ipfilter/go.mod
@@ -22,4 +22,5 @@ require (
 
				 	google.golang.org/genproto v0.0.0-20220526192754-51939a95c655 // indirect
			
 
				 	google.golang.org/grpc v1.46.2 // indirect
			
 
				 	google.golang.org/protobuf v1.28.0 // indirect
			
 
				+	gopkg.in/yaml.v3 v3.0.0 // indirect
			
 
				 )
			
--- a/tests/ipfilter/go.sum
+++ b/tests/ipfilter/go.sum
@@ -169,7 +169,8 @@ google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw
 
				 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
			
 
				 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
			
 
				 gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
			
 
				-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
			
 
				 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
			
 
				+gopkg.in/yaml.v3 v3.0.0 h1:hjy8E9ON/egN1tAYqKb61G10WtihqetD4sz2H+8nIeA=
			
 
				+gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
			
 
				 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
			
 
				 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=