From e2a8cc9df3d43e9a187abde05e07754d17df2a46 Mon Sep 17 00:00:00 2001
From: Jeffrey van Pelt <jeffrey.vanpelt@element-networks.nl>
Date: Tue, 31 May 2016 22:37:48 +0200
Subject: [PATCH] Add Nginx reverse proxy option

This adds the configuration required to make a Nginx reverse proxy
handle the ACME client's requests for proof of domain ownership.
---
 README.md | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/README.md b/README.md
index 508972f5..81dc2b70 100644
--- a/README.md
+++ b/README.md
@@ -222,6 +222,30 @@ If your DNS provider supports API access, we can use API to automatically issue
 
 You don't have do anything manually!
 
+# Run on Nginx Reverse Proxy
+
+**(requires you be root/sudoer, since it is required to interact with nginx server)**
+
+This can be useful if you can't (or don't want to) edit the server (e.g. a HTML5 application server) to support the ACME client.
+
+Include the following configuration in your nginx configuration for a specified virtual host:
+
+```
+# Config to use with the acme.sh client for Let's Encrypt
+   location ~* /.well-known {                                                   
+      allow all;                                                                
+      root /var/www/html;                                                       
+   }  
+```
+
+And create the .well-known directory on your system
+
+```
+mkdir -p /var/www/html/.well-known
+```
+
+This will allow your Nginx reverse proxy to answer the ACME client's proof of ownership request. All other requests will still be handled by the backend.
+
 ### Currently acme.sh supports:
 
 1. Cloudflare.com API