Skip to content

Instantly share code, notes, and snippets.

@cloudcap10

cloudcap10/LE_ACME.md

Last active March 7, 2021 01:41
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cloudcap10/7d9de8890cc29fd85b47586fc7306156 to your computer and use it in GitHub Desktop.
Save cloudcap10/7d9de8890cc29fd85b47586fc7306156 to your computer and use it in GitHub Desktop.
Download ZIP
Let’s Encrypt SSL Certificate and ACME
Raw
LE_ACME.md

git clone https://github.com/acmesh-official/acme.sh.git

cd acme.sh

./acme.sh --install --accountemail "security@example.com" # Provide valid email address

source ~/.bashrc

cd

*********************** SAN Certs from LE using Standalone validation *********************** acme.sh --issue --standalone -d example.com -d www.example.com --ocsp-must-staple --keylength 2048

*********************** SAN Certs from LE using Webroot validation ***********************

acme.sh --issue -d example.com -d www.example.com --webroot /var/www/_letsencrypt --reloadcmd "sudo systemctl reload nginx.service" --ocsp-must-staple --keylength 2048

*********************** Wildcard Certs from LE using DNS API validation *********************** export CF_Key="XXXXXXXXXXXXX" export CF_Email="xxxx@example.com"

acme.sh --issue --dns dns_cf -d example.com -d '*.example.com' --ocsp-must-staple --keylength 2048

acme.sh --list

mkdir -p /etc/letsencrypt/example.com

acme.sh --install-cert
--domain example.com
--cert-file /etc/letsencrypt/example.com/cert.pem
--key-file /etc/letsencrypt/example.com/key.pem
--fullchain-file /etc/letsencrypt/example.com/fullchain.pem

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment