mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-26 15:02:03 +00:00
Merge branch 'master' of https://github.com/Neilpang/acme.sh
This commit is contained in:
commit
2fb4b62330
50
README.md
50
README.md
@ -46,17 +46,9 @@ https://github.com/Neilpang/acmetest
|
|||||||
3. Apache mode
|
3. Apache mode
|
||||||
4. Dns mode
|
4. Dns mode
|
||||||
|
|
||||||
# Upgrade from 1.x to 2.x
|
|
||||||
|
|
||||||
You can simply uninstall 1.x and re-install 2.x.
|
|
||||||
2.x is 100% compatible to 1.x. You will feel right at home as if nothing has changed.
|
|
||||||
|
|
||||||
# le.sh renamed to acme.sh NOW!
|
# 1. How to install
|
||||||
|
|
||||||
All configurations are 100% compatible between `le.sh` and `acme.sh`. You just need to uninstall `le.sh` and re-install `acme.sh` again.
|
|
||||||
Nothing will be broken during the process.
|
|
||||||
|
|
||||||
# How to install
|
|
||||||
|
|
||||||
### 1. Install online:
|
### 1. Install online:
|
||||||
|
|
||||||
@ -113,7 +105,7 @@ root@v1:~# acme.sh -h
|
|||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
# Just issue a cert:
|
# 2. Just issue a cert:
|
||||||
|
|
||||||
**Example 1:** Single domain.
|
**Example 1:** Single domain.
|
||||||
|
|
||||||
@ -141,7 +133,7 @@ The issued cert will be renewed every 80 days automatically.
|
|||||||
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
||||||
|
|
||||||
|
|
||||||
# Install issued cert to apache/nginx etc.
|
# 3. Install issued cert to apache/nginx etc.
|
||||||
|
|
||||||
After you issue a cert, you probably want to install the cert with your nginx/apache or other servers you may be using.
|
After you issue a cert, you probably want to install the cert with your nginx/apache or other servers you may be using.
|
||||||
|
|
||||||
@ -160,7 +152,7 @@ Install the issued cert/key to the production apache or nginx path.
|
|||||||
|
|
||||||
The cert will be `renewed every 80 days by default` (which is configurable). Once the cert is renewed, the apache/nginx will be automatically reloaded by the command: `service apache2 reload` or `service nginx reload`.
|
The cert will be `renewed every 80 days by default` (which is configurable). Once the cert is renewed, the apache/nginx will be automatically reloaded by the command: `service apache2 reload` or `service nginx reload`.
|
||||||
|
|
||||||
# Use Standalone server to issue cert
|
# 4. Use Standalone server to issue cert
|
||||||
|
|
||||||
**(requires you be root/sudoer, or you have permission to listen tcp 80 port)**
|
**(requires you be root/sudoer, or you have permission to listen tcp 80 port)**
|
||||||
|
|
||||||
@ -172,7 +164,7 @@ acme.sh --issue --standalone -d aa.com -d www.aa.com -d cp.aa.com
|
|||||||
|
|
||||||
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
||||||
|
|
||||||
# Use Standalone tls server to issue cert
|
# 5. Use Standalone tls server to issue cert
|
||||||
|
|
||||||
**(requires you be root/sudoer, or you have permission to listen tcp 443 port)**
|
**(requires you be root/sudoer, or you have permission to listen tcp 443 port)**
|
||||||
|
|
||||||
@ -186,7 +178,7 @@ acme.sh --issue --tls -d aa.com -d www.aa.com -d cp.aa.com
|
|||||||
|
|
||||||
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
||||||
|
|
||||||
# Use Apache mode
|
# 6. Use Apache mode
|
||||||
|
|
||||||
**(requires you be root/sudoer, since it is required to interact with apache server)**
|
**(requires you be root/sudoer, since it is required to interact with apache server)**
|
||||||
|
|
||||||
@ -202,7 +194,7 @@ acme.sh --issue --apache -d aa.com -d www.aa.com -d user.aa.com
|
|||||||
|
|
||||||
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
||||||
|
|
||||||
# Use DNS mode:
|
# 7. Use DNS mode:
|
||||||
|
|
||||||
Support the `dns-01` challenge.
|
Support the `dns-01` challenge.
|
||||||
|
|
||||||
@ -233,7 +225,7 @@ acme.sh --renew -d aa.com
|
|||||||
|
|
||||||
Ok, it's finished.
|
Ok, it's finished.
|
||||||
|
|
||||||
# Automatic DNS API integration
|
# 8. Automatic DNS API integration
|
||||||
|
|
||||||
If your DNS provider supports API access, we can use API to automatically issue the certs.
|
If your DNS provider supports API access, we can use API to automatically issue the certs.
|
||||||
|
|
||||||
@ -256,7 +248,7 @@ If your DNS provider is not on the supported list above, you can write your own
|
|||||||
|
|
||||||
For more details: [How to use dns api](dnsapi)
|
For more details: [How to use dns api](dnsapi)
|
||||||
|
|
||||||
# Issue ECC certificate:
|
# 9. Issue ECC certificate:
|
||||||
|
|
||||||
`Let's Encrypt` now can issue **ECDSA** certificates.
|
`Let's Encrypt` now can issue **ECDSA** certificates.
|
||||||
|
|
||||||
@ -286,6 +278,30 @@ Valid values are:
|
|||||||
2. **ec-384 (secp384r1, "ECDSA P-384")**
|
2. **ec-384 (secp384r1, "ECDSA P-384")**
|
||||||
3. **ec-521 (secp521r1, "ECDSA P-521", which is not supported by Let's Encrypt yet.)**
|
3. **ec-521 (secp521r1, "ECDSA P-521", which is not supported by Let's Encrypt yet.)**
|
||||||
|
|
||||||
|
|
||||||
|
# 10. How to renew the cert
|
||||||
|
|
||||||
|
No, you don't need to renew the certs manually. All the certs will be renewed automatically every 80 days.
|
||||||
|
|
||||||
|
However, you can also force to renew any cert:
|
||||||
|
|
||||||
|
```
|
||||||
|
acme.sh --renew -d aa.com --force
|
||||||
|
```
|
||||||
|
|
||||||
|
or, for ECC cert:
|
||||||
|
```
|
||||||
|
acme.sh --renew -d aa.com --force --ecc
|
||||||
|
```
|
||||||
|
|
||||||
|
# 11. How to upgrade `acme.sh`
|
||||||
|
acme.sh is in developing, it's strongly recommended to use the latest code.
|
||||||
|
|
||||||
|
You can update acme.sh to the latest code:
|
||||||
|
```
|
||||||
|
acme.sh --upgrade
|
||||||
|
```
|
||||||
|
|
||||||
# Under the Hood
|
# Under the Hood
|
||||||
|
|
||||||
Speak ACME language using shell, directly to "Let's Encrypt".
|
Speak ACME language using shell, directly to "Let's Encrypt".
|
||||||
|
Loading…
Reference in New Issue
Block a user