Wildcard Certificates with acme.sh

From Run Your Own
Revision as of 21:59, 12 October 2024 by 320x200 (talk | contribs)

Using acme.sh

acme.sh is a lightweight, shell-script-based tool for handling Let's Encrypt certificates.

Install the bash script

wget -O acme.sh https://get.acme.sh

As root:

sh acme.sh

This will install the script to /root/.acme.sh and add it to the path by sourcing a script from root's .bashrc.

Request a wildcard cert for lurk.org

We use wildcard certificates with DNS authentication. First find and export the Gandi DNS key:

export GANDI_LIVEDNS_KEY="fdmlfsdklmfdkmqsdfk" 

Then request a wildcard cert (the DNS key is added to a config file automatically for future renewals):

acme.sh --issue --dns dns_gandi_livedns --nginx -d '*.lurk.org'

Find the certs in:

/root/.acme.sh/*.lurk.org/
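
The DNS key saved for renewals and the certificate private keys both live under /root/.acme.sh/, so it is worth checking that none of them are readable by other users. The script below is an added example, not part of acme.sh or of the original page; the function names are made up here, and it assumes acme.sh's default layout (account.conf in the home directory, one directory per certificate holding .key and .conf files).

```shell
#!/bin/sh
# Added example (not from acme.sh): audit and tighten permissions on the
# secrets acme.sh keeps on disk. Function names are hypothetical.
# Assumed layout: $home/account.conf plus one directory per certificate,
# e.g. "$home/*.lurk.org/" (the asterisk is a literal part of the name,
# so every path is quoted to stop the shell from expanding it).

# Print each private key or config file under $1 that has any group/other
# read or write bit set. Returns 0 if clean, 1 if something was found,
# 2 if the directory does not exist.
audit_acme_home() {
    home=${1:-/root/.acme.sh}
    [ -d "$home" ] || { echo "no such directory: $home" >&2; return 2; }
    found=$(find "$home" -type f \( -name '*.key' -o -name '*.conf' \) \
        \( -perm -040 -o -perm -020 -o -perm -004 -o -perm -002 \) -print)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# Restrict the directory to its owner and the keys/configs to mode 600.
# Certificates (.cer) are public data and are left untouched.
fix_acme_home() {
    home=${1:-/root/.acme.sh}
    [ -d "$home" ] || { echo "no such directory: $home" >&2; return 2; }
    chmod 700 "$home" &&
        find "$home" -type f \( -name '*.key' -o -name '*.conf' \) \
            -exec chmod 600 {} +
}
```

Run audit_acme_home as root after issuing the certificate; if it lists anything, fix_acme_home tightens the permissions.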

Install the certs for nginx

Deployment for other services