Acme.sh全自动获取SSL通配符证书

2021-03-01 作者:

Here I’m gonna show you a quick how-to on obtaining a wildcard SSL cert from Let’s Encrypt with the “pure shell written” acme.sh, which is simple, light-weight and far beyond flexible.

And you may already aware that I’ve an earlier post on doing this with another tool called certbot-auto, well, unfortuantely it’s… kinda still working… but having no support or further update anymore. As for the “official successor” of the certbot-auto? It seems the official guys have decided to walk step and step closer into the mire, with that good-looking but evil-inside snapd… oh, don’t even say that word again. It’s weird enough – I saw nothing around Canonical brand on sponsors list from homepage of Let’s Encrypt. That’s another topic anyway, a wildcard SSL cert for free is still worth my sincere appreciation in this case.

今天简单聊下如何使用acme.sh来获取通配符证书,纯shell工具比之前聊过的certbot-auto更为简单、轻量且灵活。此外不幸的是,半年不见certbot已然走上邪路,奇怪的是Let’s Encrypt首页赞助商清单里并未发现Canonical在列,让我倍感意外。

废话少叙,先装为敬。

安装过程中会自动创建cronjob,如果不想自动创建,安装时要加个参数,也可以手动把cronjob删掉(则证书不会自动展期)。

此时把阿里云key和secret填入环境变量(建议使用RAM账户,风险最小化)。

然后一句话申请wildcard(通配符)证书。

原创文章,转载请注明: 转载自渔人小径

本文链接地址: Acme.sh全自动获取SSL通配符证书

打赏 PayPal

文章的脚注信息由WordPress的wp-posturl插件自动生成

完整阅读本篇»