adjustments to readme for clarity

README.md

@@ -62,6 +62,12 @@ In the case where both are defined, environment variables take precedence. Envir
 
 For example, `NJS_ACME_SERVER_NAMES` (env var) is the same as `$njs_acme_server_names` (js_var).
 
+### Staging by Default
+
+The value of the variable `NJS_ACME_DIRECTORY_URI` (`js_var $njs_acme_directory_uri`) defaults to Let's Encrypt's _Staging_ environment. When you are finished testing with their staging environment, you will need to define/change the value of this to your ACME provider's production environment. In Let's Encrypt's case the production URL is `https://acme-v02.api.letsencrypt.org/directory`.
+
+You will need to remove the staging certificate from your NGINX server's filesystem when changing from staging to production. It is located in `/etc/nginx/njs-acme/` by default (controlled by the variable `NJS_ACME_DIR`).
+
 ### Required Variables
 
    - `NJS_ACME_ACCOUNT_EMAIL` (env)\

examples/nginx.conf

@@ -1,3 +1,9 @@
+##
+# Example configuration showing a single server block to handle HTTP and HTTP
+# communications, as well as automatcally issuing / renewing the TLS
+# certificate. See the other files in this directory for other examples.
+##
+
 daemon off;
 user nginx;
 
@@ -52,6 +58,9 @@ http {
     # js_var $njs_acme_shared_dict_zone_name acme;
 
 
+    ## Let's Encrypt Production URL (uncomment after you are done testing with their staging environment)
+    # js_var $njs_acme_directory_uri https://acme-v02.api.letsencrypt.org/directory
+
     # Stores the key/cert content in these variables.
     js_set $dynamic_ssl_cert acme.js_cert;
     js_set $dynamic_ssl_key acme.js_key;
@@ -65,7 +74,7 @@ http {
       js_periodic acme.clientAutoMode interval=1m;
     }
 
-    # Respond to ACME challenges
+    # Respond challenges from the ACME server (e.g. Let's Encrypt)
     location ~ "^/\.well-known/acme-challenge/[-_A-Za-z0-9]{22,128}$" {
       js_content acme.challengeResponse;
     }