ACME (acme.sh) is a shell script for generating LetsEncrypt SSL certificate. acme.sh is written in bash, so it works on any Linux server without special requirements. For getting SSL, another popular option is to use certbot.
https://github.com/acmesh-official/acme.shacme.sh
list all SSL certificatesacme.sh
SSL using manual DNS method
To install, run
cd /usr/local/src git clone https://github.com/acmesh-official/acme.sh.git cd ./acme.sh ./acme.sh --install -m [email protected] source ~/.bashrc
When you install, it will set a daily cronjob for auto SSL renewal. You can see it with “crontab -l” command.
Set acme.sh to use LetsEncrypt SSL (Defaul is ZeroSSL)
acme.sh --set-default-ca --server letsencrypt
Set to ZeroSSL, run
acme.sh --set-default-ca --server zerossl
To issue an SSL certificate, run
acme.sh --issue -d example.com -d www.example.com -w /home/example.com/html/
Standalone mode
acme.sh --issue -d example.com --standalone
Using non-standard port
acme.sh --issue -d example.com --standalone --httpport 88
For more ways to issue SSL certificates, see
https://github.com/acmesh-official/acme.sh/wiki/How-to-issue-a-cert
Install SSL Certificate
To install the SSL certificate, run
acme.sh --install-cert -d DOMAIN_NAME \ --fullchain-file /etc/ssl/DOMAIN_NAME.crt \ --key-file /etc/ssl/DOMAIN_NAME.key \ --reloadcmd "systemctl reload nginx.service"
For Apache
acme.sh --install-cert -d DOMAIN_NAME \ --cert-file /etc/ssl/DOMAIN_NAME.crt \ --key-file /etc/ssl/DOMAIN_NAME.key \ --fullchain-file /etc/ssl/DOMAIN_NAME.ca \ --reloadcmd "service apache2 force-reload"
If you use Apache, replace “service nginx force-reload” with “service apache2 force-reload”. For CentOS/RHEL, use httpd instead of apache2.