From 3504e44095d195329db3c5dbcd8ca74b692650cf Mon Sep 17 00:00:00 2001
From: Florian Sesser <florian@private.storage>
Date: Wed, 3 Nov 2021 20:22:59 +0000
Subject: [PATCH] Update ops docs: No need for manually creating TLS keys
 anymore

Since !146 (merged on 2021-09-07) we let the NixOS Let's Encrypt integration
with NGINX handle TLS.  That integration cares for interim self-signed certs
until real ones are aquired.  The section about creating TLS certs by hand so
the service will start is obsolote.
---
 docs/ops/generating-keys.rst | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/docs/ops/generating-keys.rst b/docs/ops/generating-keys.rst
index c2f7028f..3da0410c 100644
--- a/docs/ops/generating-keys.rst
+++ b/docs/ops/generating-keys.rst
@@ -42,17 +42,6 @@ For example::
   echo -n "SILOWzbnkBjxC1hGde9d5Q3Ir/4yLosCLEnEQGAxEQE=" > ristretto.signing-key
 
 
-ZKAP-Issuer TLS
-```````````````
-
-The ZKAPIssuer.service needs a working TLS certificate and expects it in the certbot directory for the domain you configured, in my case::
-
-  openssl req -x509 -newkey rsa:4096 -nodes -keyout privkey.pem -out cert.pem -days 3650
-  touch chain.pem
-
-Move the three .pem files into the payment's server ``/var/lib/letsencrypt/live/payments.localdev/`` directory and issue a ``sudo systemctl restart zkapissuer.service``.
-
-
 Monitoring VPN
 ``````````````
 
-- 
GitLab