Added required DNS entries.

INSTALL.txt

@@ -62,10 +62,12 @@ cmd: cd ../..
 
 As Root: cmd: certbot --nginx -d <your domain name>
 
+Edit misc/reverse-proxy.conf and change "<My Domain Name>" to the correct value.
+
 From your working directory, do the following As Root:
 	cmd: cd oidc-registration-php
 	cmd: cp -r * /var/www/html
-	cmd: cp ssl-certs/* /usr/local/share/ca-certficates
+	cmd: cp ssl-certs/* /usr/local/share/ca-certificates
 	cmd: update-ca-certificates -f
 	cmd: cp misc/reverse-proxy.conf /etc/nginx/conf.d
 	cmd: ( cd /var/www/html ; mv -i index.html index.html-orig )

README.md

@@ -6,7 +6,11 @@ Most of the instructions are in INSTALL.txt, but this will give you a few instru
 
 To install this project, you should start with a machine, whether physical or virtual, based on Debian 12.
 
-You also need to have Git installed in this machine.
+You will need three DNS entries pointing at this machine.
+
+They are the normal one, one that is "authserver.[Your Domain Name]" and "idp.[Your Domain Name]".
+
+Before continuing, you will need to have Git installed in this machine.
 
 You will probably want to do:
 

misc/reverse-proxy.conf

@@ -1,69 +1,41 @@
-#stream {
-#map $ssl_preread_server_name $targetBackend {
-#authserver.cacert-phoenix.org 127.0.0.4444;
-#}
-#}
-
-#server {
-	#    if ($host = authserver.cacert-phoenix.org) {
-	#return 301 https://$host$request_uri;
-	#} # managed by Certbot
-
-	#    inet 141.98.154.48/23 brd 141.98.155.255 scope global eth0
-	    #       valid_lft forever preferred_lft forever
-       #    inet6 2a02:c202:3014:5331::1/64 scope global 
-
-	#    listen 141.98.154.48:4444;
-	#    #    ssl on;
-	#    server_name authserver.cacert-phoenix.org;
-    #    return 404; # managed by Certbot
-
-	#    location / {
-	#proxy_pass https://127.0.0.1:4444;
-	#proxy_set_header Host $host;
-	#p#roxy_set_header X-Real-IP $remote_addr;
-	#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-	#}
-
-	#}
 server {
-    if ($host = authserver.cacert-phoenix.org) {
+    if ($host = authserver.<My Domain Name>) {
         return 301 https://$host$request_uri;
     } # managed by Certbot
 
 
     listen 80;
-    server_name authserver.cacert-phoenix.org;
+    server_name authserver.<My Domain Name>;
     return 404; # managed by Certbot
 
 
 }
 server {
-    if ($host = idp.cacert-phoenix.org) {
+    if ($host = idp.<My Domain Name>) {
         return 301 https://$host$request_uri;
     } # managed by Certbot
 
 
     listen 80;
-    server_name idp.cacert-phoenix.org;
+    server_name idp.<My Domain Name>;
     return 404; # managed by Certbot
 
 
 }
 server {
-    if ($host = registration.cacert-phoenix.org) {
+    if ($host = <My Domain Name>) {
         return 301 https://$host$request_uri;
     } # managed by Certbot
 
 
     listen 80;
-    server_name registration.cacert-phoenix.org;
+    server_name <My Domain Name>;
     return 404; # managed by Certbot
 
 
 }
 server {
-    server_name authserver.cacert-phoenix.org;
+    server_name authserver.<My Domain Name>;
  
     location / {
         proxy_pass https://127.0.0.1:4444;
@@ -75,14 +47,14 @@ server {
     listen 443 ssl; # managed by Certbot
     listen 141.98.154.48:4444 ssl;
 
-    ssl_certificate /etc/letsencrypt/live/registration.cacert-phoenix.org/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/registration.cacert-phoenix.org/privkey.pem; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/<My Domain Name>/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/<My Domain Name>/privkey.pem; # managed by Certbot
     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
 
 }
 server {
-    server_name idp.cacert-phoenix.org;
+    server_name idp.<My Domain Name>;
  
     location / {
         proxy_pass https://127.0.0.1:3000;
@@ -93,15 +65,15 @@ server {
 
     listen 443 ssl; # managed by Certbot
     listen 141.98.154.48:3000 ssl;
-    ssl_certificate /etc/letsencrypt/live/registration.cacert-phoenix.org/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/registration.cacert-phoenix.org/privkey.pem; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/<My Domain Name>/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/<My Domain Name>/privkey.pem; # managed by Certbot
     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
 
 }
 
 server {
-    server_name registration.cacert-phoenix.org;
+    server_name <My Domain Name>;
  
     root           /var/www/html;
 
@@ -148,8 +120,8 @@ server {
   }
   
     listen 443 ssl http2; # managed by Certbot
-    ssl_certificate /etc/letsencrypt/live/registration.cacert-phoenix.org/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/registration.cacert-phoenix.org/privkey.pem; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/<My Domain Name>/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/<My Domain Name>/privkey.pem; # managed by Certbot
     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot