Apache, Control Panel, CPanel / WHM

ACME (acme.sh) Free SSL Certificate?

ACME (acme.sh) is a shell script for generating LetsEncrypt SSL certificate. acme.sh is written in bash, so it works on any Linux server without special requirements. For getting SSL, another popular option is to use certbot.

list all SSL certificatesacme.sh

SSL using manual DNS method

To install, run

cd /usr/local/src
git clone https://github.com/acmesh-official/acme.sh.git
cd ./acme.sh
./acme.sh --install -m [email protected]
source ~/.bashrc

When you install, it will set a daily cronjob for auto SSL renewal. You can see it with “crontab -l” command.

Set acme.sh to use LetsEncrypt SSL (Defaul is ZeroSSL)

acme.sh --set-default-ca --server letsencrypt

Set to ZeroSSL, run

acme.sh --set-default-ca --server zerossl

To issue an SSL certificate, run

acme.sh --issue -d example.com -d www.example.com -w /home/example.com/html/

Standalone mode

acme.sh  --issue  -d example.com  --standalone

Using non-standard port

acme.sh  --issue  -d example.com  --standalone --httpport 88

For more ways to issue SSL certificates, see


Install SSL Certificate

To install the SSL certificate, run

acme.sh --install-cert -d DOMAIN_NAME \
--fullchain-file /etc/ssl/DOMAIN_NAME.crt \
--key-file /etc/ssl/DOMAIN_NAME.key \
--reloadcmd "systemctl reload nginx.service"

For Apache

acme.sh --install-cert -d DOMAIN_NAME \
--cert-file /etc/ssl/DOMAIN_NAME.crt \
--key-file /etc/ssl/DOMAIN_NAME.key \
--fullchain-file /etc/ssl/DOMAIN_NAME.ca \
--reloadcmd "service apache2 force-reload"

If you use Apache, replace “service nginx force-reload” with “service apache2 force-reload”. For CentOS/RHEL, use httpd instead of apache2.