yacloud/acme.sh
1
0
Fork 0
mirror of https://github.com/acmesh-official/acme.sh.git synced 2025-05-08 22:12:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
acme.sh/deploy
History
pdoroff 6d7ac15a89 added weechat documentation to README.pm
2017-03-28 17:28:34 -05:00
..
apache.sh
deploy apache script: fix comment (dovecot/apache)
2017-03-02 08:39:31 +01:00
cpanel.sh
add doc
2017-02-11 13:24:00 +08:00
dovecot.sh
fix format
2017-02-19 20:40:53 +08:00
exim4.sh
spelling: oops
2017-03-26 05:29:11 +00:00
haproxy.sh
fix format
2017-02-19 20:40:53 +08:00
keychain.sh
deploy for OSX Keychain
2017-03-06 11:09:12 +09:00
kong.sh
spelling: occurred
2017-03-26 05:28:57 +00:00
myapi.sh
exe
2017-02-05 23:14:25 +08:00
mysqld.sh
fix format
2017-02-19 20:40:53 +08:00
nginx.sh
fix format
2017-02-19 20:40:53 +08:00
opensshd.sh
fix format
2017-02-19 20:40:53 +08:00
pureftpd.sh
fix format
2017-02-19 20:40:53 +08:00
README.md
added weechat documentation to README.pm
2017-03-28 17:28:34 -05:00
vsftpd.sh
spelling: oops
2017-03-26 05:29:11 +00:00
weechat.sh
removed --renew from usage example
2017-03-28 17:14:45 -05:00

README.md

Using deploy api

Before you can deploy your cert, you must issue the cert first.

Here are the scripts to deploy the certs/key to the server/services.

1. Deploy the certs to your cpanel host.

(cpanel deploy hook is not finished yet, this is just an example.)

Then you can deploy now:

export DEPLOY_CPANEL_USER=myusername
export DEPLOY_CPANEL_PASSWORD=PASSWORD
acme.sh --deploy -d example.com --deploy-hook cpanel

2. Deploy ssl cert on kong proxy engine based on api.

Before you can deploy your cert, you must issue the cert first.

(TODO)

3. Deploy the cert to remote server through SSH access.

(TODO)

4. Deploy the cert to local vsftpd server.

acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd

The default vsftpd conf file is /etc/vsftpd.conf, if your vsftpd conf is not in the default location, you can specify one:

export DEPLOY_VSFTPD_CONF="/etc/vsftpd.conf"

acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd

The default command to restart vsftpd server is service vsftpd restart, if it doesn't work, you can specify one:

export DEPLOY_VSFTPD_RELOAD="/etc/init.d/vsftpd restart"

acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd

5. Deploy the cert to local exim4 server.

acme.sh --deploy -d ftp.example.com --deploy-hook exim4

The default exim4 conf file is /etc/exim/exim.conf, if your exim4 conf is not in the default location, you can specify one:

export DEPLOY_EXIM4_CONF="/etc/exim4/exim4.conf.template"

acme.sh --deploy -d ftp.example.com --deploy-hook exim4

The default command to restart exim4 server is service exim4 restart, if it doesn't work, you can specify one:

export DEPLOY_EXIM4_RELOAD="/etc/init.d/exim4 restart"

acme.sh --deploy -d ftp.example.com --deploy-hook exim4

6. Deploy the cert to OSX Keychain

acme.sh --deploy -d ftp.example.com --deploy-hook keychain

7. Deploy the cert to local weechat IRC client through fifo plugin

Before you can deploy your cert, you must issue the cert first.

Then you can deploy now:

export DEPLOY_WEECHAT_PEM=~/.weechat/ssl/relay.pem
export DEPLOY_WEECHAT_HOME=~/.weechat
acme.sh --deploy -d weechat.example.com --deploy --deploy-hook weechat

Notes:
* Run acme.sh under the same user as the weechat client
* Weechat must be configured with ```plugins.var.fifo.fifo = on```

On deploy, the weechat deploy hook copies the the relevant data to $DEPLOY_WEECHAT_PEM.
Additionally, this hook attempts to issue a ```/relay sslcertkey``` command via the FIFO
plugin.  The FIFO files are searched for within $DEPLOY_WEECHAT_HOME.  Both environment
variables default to weechat's defaults listed above.

If successful, this installs and reloads the new relay SSL certificate in the
client requiring no user interaction whatsoever.