Acme.sh

Nginx

Install acme.sh

curl  https://get.acme.sh | sh -s email=<your@email.com>

Restart terminal, then set env for acme.sh

export CF_Key="<you-CF-key>"
export CF_Email="<your@email.com>"
acme.sh --register-account -m <your@email.com>

Get ssl cert

mkdir -p /etc/nginx/ssl
 
acme.sh --set-default-ca --server letsencrypt
 
acme.sh --issue -d "your-domain.com" --dns dns_cf \
    --key-file       /etc/nginx/ssl/your-domain.com.key  \
    --fullchain-file /etc/nginx/ssl/your-domain.com.pem \
    --reloadcmd "systemctl reload nginx"
 
acme.sh --upgrade --auto-upgrade

Nginx config

server {
    listen                  443 ssl http2;
    listen                  [::]:443 ssl http2;
    server_name             your-domain.com;
    root                    /data/www;
 
    ssl_certificate         /etc/nginx/ssl/your-domain.com.pem;
    ssl_certificate_key     /etc/nginx/ssl/your-domain.com.key;
 
    charset utf-8,gbk;
    index index.html index.htm;
}
 
server {
    listen      80;
    listen      [::]:80;
    server_name your-domain.com;
 
    location / {
        return 301 https://your-domain.com$request_uri;
    }
}

Acme.sh for PVE

acme.sh --issue -d "your-domain.com" --dns dns_cf \
    --key-file       /etc/pve/local/pveproxy-ssl.key  \
    --fullchain-file /etc/pve/local/pveproxy-ssl.pem \
    --reloadcmd "systemctl reload pveproxy"
 
acme.sh --upgrade --auto-upgrade

SuLing's Garden

Explorer

Acme.sh

Nginx

Install acme.sh

Restart terminal, then set env for acme.sh

Get ssl cert

Nginx config

Acme.sh for PVE

Graph View

Explorer

Table of Contents

Backlinks