# An ACME Shell script: acme.sh
- An ACME protocol client written purely in Shell (Unix shell) language.
- Full ACME protocol implementation.
- Support ECDSA certs
- Support SAN and wildcard certs
- Simple, powerful and very easy to use. You only need 3 minutes to learn it.
- Bash, dash and sh compatible.
- Purely written in Shell with no dependencies on python.
- Just one script to issue, renew and install your certificates automatically.
- DOES NOT require `root/sudoer` access.
- Docker ready
- IPv6 ready
- Cron job notifications for renewal or error etc.
It's probably the `easiest & smartest` shell script to automatically issue & renew the free certificates.
# Supported modes
- Webroot mode
- Standalone mode
- Standalone tls-alpn mode
- Apache mode
- Nginx mode
- DNS mode
# 1. How to install
### 1. Install online
```bash
curl https://get.acme.sh | sh -s email=my@example.com
```
Or:
```bash
wget -O - https://get.acme.sh | sh -s email=my@example.com
```
### 2. Or, Install from git
Clone this project and launch installation:
```bash
git clone https:
cd ./acme.sh
./acme.sh --install -m my@example.com
```
You `don't have to be root` then, although `it is recommended`.
The installer will perform 3 actions:
1. Create and copy `acme.sh` to your home dir (`$HOME`): `~/.acme.sh/`.
All certs will be placed in this folder too.
2. Create alias for: `acme.sh=~/.acme.sh/acme.sh`.
3. Create daily cron job to check and renew the certs if needed.
Cron entry example:
```bash
0 0 * * * "/home/user/.acme.sh"/acme.sh --cron --home "/home/user/.acme.sh" > /dev/null
```
After the installation, you must close the current terminal and reopen it to make the alias take effect.
Ok, you are ready to issue certs now.
Show help message:
```sh
root@v1:~# acme.sh -h
```
# 2. Just issue a cert
**Example 1:** Single domain.
```bash
acme.sh --issue -d example.com -w /home/wwwroot/example.com
```
or:
```bash
acme.sh --issue -d example.com -w /home/username/public_html
```
or:
```bash
acme.sh --issue -d example.com -w /var/www/html
```
**Example 2:** Multiple domains in the same cert.
```bash
acme.sh --issue -d example.com -d www.example.com -d cp.example.com -w /home/wwwroot/example.com
```
The parameter `/home/wwwroot/example.com` or `/home/username/public_html` or `/var/www/html` is the web root folder where you host your website files. You **MUST** have `write access` to this folder.
Second argument **"example.com"** is the main domain you want to issue the cert for.
You must have at least one domain there.
You must point and bind all the domains to the same webroot dir: `/home/wwwroot/example.com`.
The certs will be placed in `~/.acme.sh/example.com/`
The certs will be renewed automatically every **60** days.
# 3. Install the cert to Apache/Nginx etc.
After the cert is generated, you probably want to install/copy the cert to your Apache/Nginx or other servers.
You **MUST** use this command to copy the certs to the target files, **DO NOT** use the certs files in **~/.acme.sh/** folder, they are for internal use only, the folder structure may change in the future.
**Apache** example:
```bash
acme.sh --install-cert -d example.com \
--cert-file /path/to/certfile/in/apache/cert.pem \
--key-file /path/to/keyfile/in/apache/key.pem \
--fullchain-file /path/to/fullchain/certfile/apache/fullchain.pem \
--reloadcmd "service apache2 force-reload"
```
**Nginx** example:
```bash
acme.sh --install-cert -d example.com \
--key-file /path/to/keyfile/in/nginx/key.pem \
--fullchain-file /path/to/fullchain/nginx/cert.pem \
--reloadcmd "service nginx force-reload"
```
Only the domain is required, all the other parameters are optional.
The ownership and permission info of existing files are preserved. You can pre-create the files to define the ownership and permission.
Install/copy the cert/key to the production Apache or Nginx path.
The cert will be renewed every **60** days by default (which is configurable). Once the cert is renewed, the Apache/Nginx service will be reloaded automatically by the command: `service apache2 force-reload` or `service nginx force-reload`.
**Please take care: The reloadcmd is very important. The cert can be automatically renewed, but, without a correct 'reloadcmd' the cert may not be flushed to your server(like nginx or apache), then your website will not be able to show renewed cert in 60 days.**
# 4. Use Standalone server to issue cert
**(requires you to be root/sudoer or have permission to listen on port 80 (TCP))**
Port `80` (TCP) **MUST** be free to listen on, otherwise you will be prompted to free it and try again.
```bash
acme.sh --issue --standalone -d example.com -d www.example.com -d cp.example.com
```
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
acme.sh 实现了 acme 协议,可以从 Let's Encrypt 生成免费的证书,内含完整源代码 生成证书 acme.sh 实现了 acme 协议支持的所有验证协议,有两种方式验证: http 验证 和 dns 验证。 1. http 方式 http 方式需要在你的网站根目录下放置一个文件,来验证你的域名所有权,完成验证后就可以生成证书。 运行命令: # 改成你的域名和你的网站根目录 acme.sh --issue -d mydomain.com -d www.mydomain.com --webroot /home/wwwroot/mydomain.com/ 只需要指定域名, 并指定域名所在的网站根目录。acme.sh 会全自动的生成验证文件,并放到网站的根目录,然后自动完成验证。最后会自动删除验证文件。整个过程没有任何副作用。 使用 apache 服务器 如果你用的 apache 服务器,acme.sh 还可以智能地从 apache 的配置中自动完成验证,你不需要指定网站根目录: acme.sh --issue -d mydomain.com --apach
资源推荐
资源详情
资源评论
收起资源包目录
acme.sh 实现了 acme 协议,可以从 Let's Encrypt 生成免费的证书,内含完整源代码 (231个子文件)
Dockerfile 1KB
LICENSE.md 34KB
README.md 5KB
ISSUE_TEMPLATE.md 830B
PULL_REQUEST_TEMPLATE.md 355B
README.md 101B
README.md 94B
acme.sh 218KB
dns_pleskxml.sh 19KB
ssh.sh 15KB
dns_edgedns.sh 15KB
dns_azure.sh 14KB
smtp.sh 12KB
dns_freedns.sh 12KB
dns_aws.sh 12KB
dns_kas.sh 11KB
dns_openstack.sh 11KB
synology_dsm.sh 10KB
dns_oci.sh 10KB
lighttpd.sh 10KB
haproxy.sh 10KB
dns_cyon.sh 10KB
truenas.sh 10KB
dns_namecheap.sh 10KB
dns_inwx.sh 9KB
dns_dnsservices.sh 9KB
dns_huaweicloud.sh 9KB
dns_euserv.sh 9KB
dns_openprovider.sh 9KB
dns_1984hosting.sh 9KB
dns_dynv6.sh 9KB
docker.sh 9KB
panos.sh 9KB
unifi.sh 9KB
openstack.sh 8KB
dns_hostingde.sh 8KB
dns_yc.sh 8KB
dns_jd.sh 8KB
dns_geoscaling.sh 8KB
dns_conoha.sh 8KB
dns_ovh.sh 8KB
dns_dyn.sh 8KB
dns_bunny.sh 8KB
dns_dgon.sh 8KB
dns_loopia.sh 8KB
cpanel_uapi.sh 8KB
dns_ispconfig.sh 7KB
dns_opnsense.sh 7KB
dns_cf.sh 7KB
dns_world4you.sh 7KB
aws_ses.sh 7KB
dns_hetzner.sh 7KB
dns_mythic_beasts.sh 7KB
dns_he.sh 6KB
dns_rcode0.sh 6KB
openmediavault.sh 6KB
dns_clouddns.sh 6KB
dns_rackspace.sh 6KB
dns_tencent.sh 6KB
dns_simply.sh 6KB
dns_infomaniak.sh 6KB
dns_one.sh 6KB
routeros.sh 6KB
dns_autodns.sh 6KB
dns_miab.sh 6KB
dns_cloudns.sh 6KB
dns_schlundtech.sh 6KB
dns_constellix.sh 6KB
dns_nw.sh 6KB
dns_nic.sh 5KB
dns_da.sh 5KB
dns_online.sh 5KB
dns_pdns.sh 5KB
dns_servercow.sh 5KB
dns_artfiles.sh 5KB
dns_websupport.sh 5KB
dns_transip.sh 5KB
dns_azion.sh 5KB
dns_gd.sh 5KB
dns_dynu.sh 5KB
dns_internetbs.sh 5KB
dns_gandi_livedns.sh 5KB
dns_ali.sh 5KB
dns_gcore.sh 5KB
dns_cpanel.sh 5KB
dns_mydnsjp.sh 5KB
dns_desec.sh 5KB
dns_gcloud.sh 5KB
dns_linode_v4.sh 5KB
proxmoxve.sh 5KB
dns_dnsimple.sh 5KB
gcore_cdn.sh 5KB
dns_namecom.sh 5KB
dns_ultra.sh 5KB
dns_durabledns.sh 5KB
dns_aurora.sh 5KB
dns_curanet.sh 5KB
dns_linode.sh 5KB
dns_kappernet.sh 5KB
vault.sh 5KB
共 231 条
- 1
- 2
- 3
资源评论
流华追梦
- 粉丝: 1w+
- 资源: 3850
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 配电网优化模型matlab 考虑可转移负荷、中断负荷以及储能、分布式能源的33节点系统优化模型,采用改进麻雀搜索算法,以IEEE33节点为例,以风电运维成本、网损成本等为目标,得到系统优化结果,一共有
- 客户购物 (最新趋势) 数据集
- 运行在PostgreSQL中的AdventureWorks示例数据库
- 基于SpringBoot的在线考试系统源代码全套技术资料.zip
- 纯电动汽车两档ATM变速箱simulink模型,模型实现了两档AMT挡策略和挡过程仿真,内含详细文档和注释模型,可运行
- 四轮转向系统横摆角速度控制simulink仿真模型,利用滑模控制算法,基于八自由度车辆模型,控制有比较好的效果,附参考说明
- MicrosoftEdge-X64-131.0.2903.99.rar
- 玩转西门子V90扭矩控制功能-各种扭矩参数功能详解.mp4
- 最新云夕打赏系统源码分享
- 饮食管理系统项目源代码全套技术资料.zip
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功