§2024-11-01

• An ACME Shell script: acme.sh

acme.sh is a lightweight, open-source shell script for obtaining and managing SSL/TLS certificates from the Let's Encrypt Certificate Authority. It offers a simple and efficient way to automate the process of acquiring, renewing, and deploying certificates.

1. Key Features of acme.sh:

• Ease of Use: The script is designed to be easy to use, with a straightforward command-line interface.
• Multiple DNS Providers: It supports various DNS providers for DNS-based domain validation, allowing you to issue certificates for domains without needing to serve files from your web server.
• Customizability: You can customize the installation and renewal process to fit your needs.
• Lightweight: Being a shell script, it has a small footprint and does not require heavy dependencies.
• Automatic Renewal: It can automatically renew certificates before they expire.

2. Basic Installation Steps:

• Install acme.sh: You can install acme.sh by running the following command:
  • curl https://get.acme.sh | sh

3. Issue a Certificate: To issue a certificate, use the following command, replacing example.com with your domain:

   • acme.sh --issue -d example.com --webroot /path/to/webroot

4. Alternatively, for DNS validation:

   • acme.sh --issue -d example.com --dns dns_provider

5. Install the Certificate: After successfully obtaining the certificate, you can install it with:

acme.sh --install-cert -d example.com \
--key-file /path/to/keyfile.key \
--fullchain-file /path/to/fullchain.cer

6. Set Up Auto-Renewal: acme.sh can set up a cron job to automatically renew the certificate.

7. Additional Information:

• Documentation: For detailed usage and options, refer to the acme.sh GitHub repository.
• Compatibility: It works with many web servers, including Nginx and Apache, and can be used on various operating systems.