installation
curl https://get.acme.sh | sh
Specific instructions can refer to acme.sh , installedlogout
the environment variables to take effect
Use DNS API to apply for wildcard certificate
acme.sh
Currently supports dozens of resolver APIs such as cloudflare, dnspod, cloudxns, godaddy, and ovh. You can automatically add TXT records to verify, no manual operation is required, see How to use DNS API for details
Here is CloudFlare as an example. , Click on the avatar-My Profile in the upper right corner, pull it to the bottom, click on the view behind the Global API Key in the API Key, you can see Your API Key, write it down
Start applying
First set temporary environment variables, configure the API information we just got
export CF_Key = "sdfsdfsdfljlbjkljlkjsdfoiwje" export CF_Email = " [email protected] "
This temporary environment variable only needs to be configured this time. After successfully applying for the certificate, the API information will be automatically stored in it ~/.acme.sh/account.conf
. The next time you use it acme.sh
, it will be automatically used.
Next , you will officially start applying for a pan-domain certificate, which will be example.com
replaced by your own domain name.
acme.sh --issue --dns dns_cf -d example.com -d * .example.com -k ec-256
Then wait for 20 seconds
Get a certificate
After the application is completed, you will ~/.acme.sh/example.com_ecc
see your certificate file in the directory
The certificate is the fullchain.cer
keyexample.com.key