acme #
一个用于申请ssl证书脚本。
1)安装依赖:
bash
# Ubuntu
sudo apt install -y socat
# CentOS
sudo yum install -y socat2)安装acme:
bash
curl https://get.acme.sh | sudo sh
# 或者:
wget -O - https://get.acme.sh | sudo sh
# 安装acme并配置邮箱:
curl https://get.acme.sh | sudo sh -s email=youremail@example.com3)添加软连接:
bash
ln -s /root/.acme.sh/acme.sh /usr/local/bin/acme.sh4)切换CA机构:
bash
# 改成letsencrypt是因为其证书颁发服务器比较稳定
sudo acme.sh --set-default-ca --server letsencrypt5)申请证书:
bash
sudo acme.sh --issue -d yourdomain.example.com --standalone -k ec-2566)安装证书:
bash
sudo acme.sh --install-cert -d yourdomain.example.com --key-file /etc/nginx/certs/yourdomain.key --fullchain-file /etc/nginx/certs/yourdomain.crt --reloadcmd 'systemctl reload nginx'
参数:
--key-file /path/to/key
--fullchain-file /path/to/fullchain/cert
--reloadcmd "service nginx force-reload"