目录
一、shell命令安装
# 安装acme
curl https://get.acme.sh | sh -s email=floxxx5@163.com
# 注册zerossl
.acme.sh/acme.sh --register-account -m flowxxx25@163.com --server zerossl
# 获取证书
export Ali_Key="LTAxxxxxEak9pc2"
export Ali_Secret="Q3FBttd7xxxxCwTaPfXPpitQa"
.acme.sh/acme.sh --issue --dns dns_ali -d xxx.com -d *.xxx.com
# 安装证书
mkdir -p /etc/nginx/xxx.com
.acme.sh/acme.sh --install-cert -d xxx.com \
--key-file /etc/nginx/xxx.com/key.pem \
--fullchain-file /etc/nginx/xxx.com/cert.pem
# 重新申请证书
export Ali_Key="LTAI5txxxxEak9pc2"
export Ali_Secret="Q3FBtxxxxPfXPpitQa"
.acme.sh/acme.sh --issue --renew --dns_ali -d xxx.com -d *.xxx.com
# 卸载acme
.acme.sh/acme.sh uninstall
rm -rf .acme.sh/
rm -rf /etc/nginx/二、docker run安装
docker run --rm -itd \
-v "./acme":/acme.sh \
-e Ali_Key="LTAI5xxxxMEak9pc2" \
-e Ali_Secret="Q3FBtxxxxTaPfXPpitQa" \
--net=host \
--name=acme.sh \
"neilpang/acme.sh" daemon
# 注册证书服务商账号
docker exec acme.sh --register-account -m floxxx25@163.com
# 查看帮助
docker exec acme.sh acme.sh -h
# 申请www.xxx.com证书
docker exec acme.sh acme.sh --issue --dns dns_ali -d xxx.com -d *.xxx.com
# 重启nginx
docker restart nginx三、docker compose安装
docker-compose.yml配置
version: "3"
services:
acme-sh:
image: neilpang/acme.sh
container_name: acme.sh
restart: always
command: daemon
environment:
- Ali_Key=LTAI5xxxxMEak9pc2
- Ali_Secret=Q3FBxxxxCwTaPfXPpitQa
volumes:
- "./nginx/certs/:/acme.sh"
network_mode: host启动容器
# 进data目录
cd data
# 执行脚本启动容器
docker compose -f ./env-compose.yml up -d
# 查看容器
docker ps
# 升级acme脚本
docker exec acme.sh acme.sh --upgrade申请证书
## 注册证书服务商账号
docker exec acme.sh --register-account -m floxxx925@163.com
## 查看帮助
docker exec acme.sh acme.sh -h
## 申请www.xxx.com证书
docker exec acme.sh acme.sh --issue --dns dns_ali -d xxx.com -d *.xxx.com --force --dnssleep
# 重启nginx
docker compose -f ./env-compose.yml restart nginx设置crontab任务自动续签
# 执行命令
crontab -e
# 每天凌晨12点执行任务续签
0 0 * * * docker exec acme.sh --cron