mirror of
https://github.com/acmesh-official/acme.sh.git
synced 2026-01-12 19:12:33 +08:00
Merge branch 'dev' of https://github.com/Neilpang/acme.sh into dev
# Conflicts: # README.md # dnsapi/README.md
This commit is contained in:
Ne-Lexa
50
README.md
50
README.md
@@ -70,11 +70,16 @@ For all build statuses, check our [weekly build project](https://github.com/Neil
|
||||
|
||||
https://github.com/Neilpang/acmetest
|
||||
|
||||
# Supported CA
|
||||
|
||||
- Letsencrypt.org CA(default)
|
||||
- [BuyPass.com CA](https://github.com/Neilpang/acme.sh/wiki/BuyPass.com-CA)
|
||||
|
||||
# Supported modes
|
||||
|
||||
- Webroot mode
|
||||
- Standalone mode
|
||||
- Standalone tls-alpn mode
|
||||
- Apache mode
|
||||
- Nginx mode
|
||||
- DNS mode
|
||||
@@ -221,8 +226,20 @@ acme.sh --issue --standalone -d example.com -d www.example.com -d cp.example.com
|
||||
|
||||
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
||||
|
||||
# 5. Use Standalone ssl server to issue cert
|
||||
|
||||
# 5. Use Apache mode
|
||||
**(requires you to be root/sudoer or have permission to listen on port 443 (TCP))**
|
||||
|
||||
Port `443` (TCP) **MUST** be free to listen on, otherwise you will be prompted to free it and try again.
|
||||
|
||||
```bash
|
||||
acme.sh --issue --alpn -d example.com -d www.example.com -d cp.example.com
|
||||
```
|
||||
|
||||
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
||||
|
||||
|
||||
# 6. Use Apache mode
|
||||
|
||||
**(requires you to be root/sudoer, since it is required to interact with Apache server)**
|
||||
|
||||
@@ -242,7 +259,7 @@ We don't want to mess your apache server, don't worry.**
|
||||
|
||||
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
||||
|
||||
# 6. Use Nginx mode
|
||||
# 7. Use Nginx mode
|
||||
|
||||
**(requires you to be root/sudoer, since it is required to interact with Nginx server)**
|
||||
|
||||
@@ -266,7 +283,7 @@ We don't want to mess your nginx server, don't worry.**
|
||||
|
||||
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
|
||||
|
||||
# 7. Automatic DNS API integration
|
||||
# 8. Automatic DNS API integration
|
||||
|
||||
If your DNS provider supports API access, we can use that API to automatically issue the certs.
|
||||
|
||||
@@ -331,7 +348,10 @@ You don't have to do anything manually!
|
||||
1. hosting.de (https://www.hosting.de)
|
||||
1. Neodigit.net API (https://www.neodigit.net)
|
||||
1. Exoscale.com API (https://www.exoscale.com/)
|
||||
1. Internet.bs API (https://internetbs.net/)
|
||||
1. PointDNS API (https://pointhq.com/)
|
||||
1. Active24.cz API (https://www.active24.cz/)
|
||||
1. do.de API (https://www.do.de/)
|
||||
1. internetbs.net API (https://internetbs.net/)
|
||||
|
||||
And:
|
||||
|
||||
@@ -345,7 +365,7 @@ If your DNS provider is not on the supported list above, you can write your own
|
||||
|
||||
For more details: [How to use DNS API](dnsapi)
|
||||
|
||||
# 8. Use DNS manual mode:
|
||||
# 9. Use DNS manual mode:
|
||||
|
||||
See: https://github.com/Neilpang/acme.sh/wiki/dns-manual-mode first.
|
||||
|
||||
@@ -381,7 +401,7 @@ Ok, it's done.
|
||||
|
||||
**Please use dns api mode instead.**
|
||||
|
||||
# 9. Issue ECC certificates
|
||||
# 10. Issue ECC certificates
|
||||
|
||||
`Let's Encrypt` can now issue **ECDSA** certificates.
|
||||
|
||||
@@ -413,7 +433,7 @@ Valid values are:
|
||||
|
||||
|
||||
|
||||
# 10. Issue Wildcard certificates
|
||||
# 11. Issue Wildcard certificates
|
||||
|
||||
It's simple, just give a wildcard domain as the `-d` parameter.
|
||||
|
||||
@@ -423,7 +443,7 @@ acme.sh --issue -d example.com -d '*.example.com' --dns dns_cf
|
||||
|
||||
|
||||
|
||||
# 11. How to renew the certs
|
||||
# 12. How to renew the certs
|
||||
|
||||
No, you don't need to renew the certs manually. All the certs will be renewed automatically every **60** days.
|
||||
|
||||
@@ -440,7 +460,7 @@ acme.sh --renew -d example.com --force --ecc
|
||||
```
|
||||
|
||||
|
||||
# 12. How to stop cert renewal
|
||||
# 13. How to stop cert renewal
|
||||
|
||||
To stop renewal of a cert, you can execute the following to remove the cert from the renewal list:
|
||||
|
||||
@@ -453,7 +473,7 @@ The cert/key file is not removed from the disk.
|
||||
You can remove the respective directory (e.g. `~/.acme.sh/example.com`) by yourself.
|
||||
|
||||
|
||||
# 13. How to upgrade `acme.sh`
|
||||
# 14. How to upgrade `acme.sh`
|
||||
|
||||
acme.sh is in constant development, so it's strongly recommended to use the latest code.
|
||||
|
||||
@@ -478,25 +498,25 @@ acme.sh --upgrade --auto-upgrade 0
|
||||
```
|
||||
|
||||
|
||||
# 14. Issue a cert from an existing CSR
|
||||
# 15. Issue a cert from an existing CSR
|
||||
|
||||
https://github.com/Neilpang/acme.sh/wiki/Issue-a-cert-from-existing-CSR
|
||||
|
||||
|
||||
# 15. Under the Hood
|
||||
# 16. Under the Hood
|
||||
|
||||
Speak ACME language using shell, directly to "Let's Encrypt".
|
||||
|
||||
TODO:
|
||||
|
||||
|
||||
# 16. Acknowledgments
|
||||
# 17. Acknowledgments
|
||||
|
||||
1. Acme-tiny: https://github.com/diafygi/acme-tiny
|
||||
2. ACME protocol: https://github.com/ietf-wg-acme/acme
|
||||
|
||||
|
||||
# 17. License & Others
|
||||
# 18. License & Others
|
||||
|
||||
License is GPLv3
|
||||
|
||||
@@ -505,7 +525,7 @@ Please Star and Fork me.
|
||||
[Issues](https://github.com/Neilpang/acme.sh/issues) and [pull requests](https://github.com/Neilpang/acme.sh/pulls) are welcome.
|
||||
|
||||
|
||||
# 18. Donate
|
||||
# 19. Donate
|
||||
Your donation makes **acme.sh** better:
|
||||
|
||||
1. PayPal/Alipay(支付宝)/Wechat(微信): [https://donate.acme.sh/](https://donate.acme.sh/)
|
||||
|
||||
Reference in New Issue
Block a user