From 00af303b60766f33d6a7e2ca38c9e8cb51d238b6 Mon Sep 17 00:00:00 2001
From: Jens Spanier <42373861+JensSpanier@users.noreply.github.com>
Date: Thu, 30 Oct 2025 08:01:39 +0100
Subject: [PATCH] add description for keyhelp_api

---
 deployhooks.md | 29 +++++++++++++++++++++++------
 1 file changed, 23 insertions(+), 6 deletions(-)

diff --git a/deployhooks.md b/deployhooks.md
index ad6327f..3b7013a 100644
--- a/deployhooks.md
+++ b/deployhooks.md
@@ -1017,7 +1017,24 @@ export DEPLOY_KEYHELP_ENFORCE_HTTPS="1"
 acme.sh --deploy -d example.com --deploy-hook keyhelp
 ```
 
-## 34. Deploy your certificate to CDN or DCDN of Alibaba Cloud (Aliyun)
+## 34. Deploy the certificate to KeyHelp via API
+This deploy hook allows you to automatically upload your certificate to a KeyHelp server using its REST API.
+First, an attempt is made to update an existing certificate based on the name. If this fails because the certificate cannot be found, a new certificate is created.
+
+You need to define the following variables before running the deploy command:
+```sh
+export DEPLOY_KEYHELP_HOST="https://keyhelp.example.com"
+export DEPLOY_KEYHELP_API_KEY="your_api_key_here"
+```
+If you want to deploy to multiple KeyHelp servers, you can specify multiple hosts and API keys, separated by either commas or spaces.
+The order matters: the first API key corresponds to the first host, the second key to the second host, and so on.
+
+Once the environment variables are set, you can deploy the certificate to your KeyHelp server(s):
+```sh
+acme.sh --deploy -d example.com --deploy-hook keyhelp_api
+```
+
+## 35. Deploy your certificate to CDN or DCDN of Alibaba Cloud (Aliyun)
 
 使用 acme.sh 部署到阿里云 CDN / DCDN 之前，需要先创建[访问密钥](https://help.aliyun.com/zh/ram/user-guide/create-an-accesskey-pair)，并赋予相应权限： [CDN](https://help.aliyun.com/zh/cdn/developer-reference/api-cdn-2018-05-10-setcdndomainsslcertificate#api-detail-31) / [DCDN](https://help.aliyun.com/zh/dcdn/developer-reference/api-dcdn-2018-01-15-setdcdndomainsslcertificate#api-detail-31)。
 
@@ -1086,7 +1103,7 @@ $ export DEPLOY_ALI_CDN_DOMAIN="cdn1.example.com cdn2.example.com"
 $ acme.sh --deploy -d example.com --deploy-hook ali_cdn
 ```
 
-## 35. Deploy your certificate to Ruckus Unleashed or Ruckus ZoneDirector
+## 36. Deploy your certificate to Ruckus Unleashed or Ruckus ZoneDirector
 
 For your first deployment, you must specify your Unleashed administrative credentials.  
 If you are using a SAN or wildcard certificate, then you must also specify a hostname.  
@@ -1119,7 +1136,7 @@ If you have multiple APs then ensure the management interface doesn't migrate to
 
 Although these notes only mention Unleashed, the deploy hook also supports Ruckus ZoneDirector.
 
-## 36. Deploying to Zyxel GS1900 Series Switches
+## 37. Deploying to Zyxel GS1900 Series Switches
 
 This script uses the https web administration interface in order
 to upload updated certificates to Zyxel GS1900 series switches.
@@ -1154,7 +1171,7 @@ export DEPLOY_ZYXEL_SWITCH_REBOOT   # If "1" reboot the switch after a certifica
 acme.sh --deploy -d example.com --deploy-hook zyxel_gs1900 # specify --insecure if the switch currently has a self-signed certificate
 ```
 
-## 37. Deploying to multiple services with the same hooks
+## 38. Deploying to multiple services with the same hooks
 Multideploy allows you to deploy your certificates to multiple services, even those that use the same hook. To use this hook, issue a cert and create a new file, `multideploy.yml,` in the certificate directory. This must contain a version and the services to which your certificate will be deployed. All services specified will be used to deploy your certificate!
 
 ### Compatibility
@@ -1233,7 +1250,7 @@ If no filename is exported, the hook will always look for the config `multideplo
 ### Bug reporting / feature request
 Create a new issue and mention @tomo2403 to get help. Currently, there is no other contributor for this hook.
 
-## 38. Deploy to Kemp LoadMaster Load Balancer
+## 39. Deploy to Kemp LoadMaster Load Balancer
 Before you can deploy your cert, you must [issue the cert first](https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert).
 You must also generate an API token on the Kemp LoadMaster.
 ```
@@ -1243,7 +1260,7 @@ acme.sh --deploy -d example.com --deploy-hook kemplm
 ```
 If you generated a wildcard certificate and your certificate files are named _*.example.com_ it will be named just _example.com_ in the Kemp LoadMaster, since it allows only alphanumeric names for certificates.
 
-## 39. Deploy to local directory via copy
+## 40. Deploy to local directory via copy
 Deploy hook to copy certificates to specified directories and execute new command. Helpful for admins that want to simply deploy the certificates to a directory and then execute a custom script/command to perform necessary tasks. Especially useful when used in conjuction with the `multideploy` hook (in development).
 
 Setting `DEPLOY_LOCALCOPY_CERTKEY` and `DEPLOY_LOCALCOPY_CERTIFICATE` or `DEPLOY_LOCALCOPY_FULLCHAIN` to the same path will result in a combined PEM file being outputted.