From 76c1ed6628009d8752a8135e80c2614a28bb5e18 Mon Sep 17 00:00:00 2001
From: David Kerr <david@kerr.net>
Date: Sun, 12 Feb 2017 18:08:17 -0500
Subject: [PATCH] Additional documentation for the unifi example.

---
 deploy/README.md | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/deploy/README.md b/deploy/README.md
index 9c22e80b..10f355d6 100644
--- a/deploy/README.md
+++ b/deploy/README.md
@@ -143,7 +143,21 @@ export ACME_DEPLOY_SSH_REMOTE_CMD="openssl pkcs12 -export \
 
 acme.sh --deploy -d unifi.example.com --deploy-hook ssh
 ```
-Note how in this exmple we execute several commands on the remote host
+In this exmple we execute several commands on the remote host
 after the certificate files have been copied... to generate a pkcs12 file
 compatible with Unifi, to import it into the Unifi keystore and then finaly
 to restart the service.
+
+Note also that once the certificate is imported
+into the keystore the individual certificate files are no longer
+required. We could if we desired delete those files immediately. If we
+do that then we should disable backup at the remote host (as there are
+no files to backup -- they were erased during deployment). For example...
+```sh
+export ACME_DEPLOY_SSH_BACKUP=no
+# modify the end of the remte command...
+&& rm /var/lib/unifi/unifi.example.com.key \
+      /var/lib/unifi/unifi.example.com.cer \
+      /var/lib/unifi/unifi.example.com.p12 \
+&& service unifi restart
+```