1,723
edits
Difference between revisions of "LetsEncrypt with ACME on OpenWRT"
LetsEncrypt with ACME on OpenWRT (view source)
Revision as of 19:49, 31 May 2022
, 19:49, 31 May 2022→Examples
m (→Choices) |
m (→Examples) |
||
| Line 5: | Line 5: | ||
As with everything in the world, there are choices. This article describes two different ways to install the acme.sh script. One, the "Easy Way". Two, the longer OpenWRT way. | As with everything in the world, there are choices. This article describes two different ways to install the acme.sh script. One, the "Easy Way". Two, the longer OpenWRT way. | ||
=== Quick S === | ===Quick S=== | ||
* UPGRADE Acme Scripts: As of 2022, the Acme Package from OpenWRT is broken / old / whatever (version 2.85), so upgrade to 3 or later (be sure to set permissions: chmod 755 acme.sh) | *UPGRADE Acme Scripts: As of 2022, the Acme Package from OpenWRT is broken / old / whatever (version 2.85), so upgrade to 3 or later (be sure to set permissions: chmod 755 acme.sh) | ||
* Certificates Installed (show): /usr/lib/acme/acme.sh --list | *Certificates Installed (show): /usr/lib/acme/acme.sh --list | ||
* Cron Command for Certificate Renewal: "/usr/lib/acme"/acme.sh --cron --home "/usr/lib/acme" --config-home "/etc/acme/config" > /dev/null | *Cron Command for Certificate Renewal: "/usr/lib/acme"/acme.sh --cron --home "/usr/lib/acme" --config-home "/etc/acme/config" > /dev/null | ||
* Issuing a certficate (acme.sh --issue PlusOtherCommandSwitches-seeBelow), will store it here: /etc/etc/certs (certificates and configuration files for use in renewing certs) | *Issuing a certficate (acme.sh --issue PlusOtherCommandSwitches-seeBelow), will store it here: /etc/etc/certs (certificates and configuration files for use in renewing certs) | ||
* DNS Method: Really only works well if the Master Zone is on the same server that the Acme.sh Script is running on, otherwise use web method | *DNS Method: Really only works well if the Master Zone is on the same server that the Acme.sh Script is running on, otherwise use web method | ||
===The Easy Way of Installing ''acme.sh''=== | ===The Easy Way of Installing ''acme.sh''=== | ||
| Line 104: | Line 104: | ||
====Examples==== | ====Examples==== | ||
*/usr/lib/acme/acme.sh --revoke --domain WhatEverDomainName.xyz | *Revoke a Certificate: /usr/lib/acme/acme.sh --revoke --domain WhatEverDomainName.xyz | ||
*/usr/lib/acme/acme.sh --list | *Show a list of Certificates: /usr/lib/acme/acme.sh --list | ||
*/usr/lib/acme/acme.sh --issue --webroot /usr/share/apache2/htdocs --domain WhatEverDomainName.xyz --home /etc/acme --cert-home /etc/acme/certs --config-home /etc/acme/config | *Issue a Certificate: /usr/lib/acme/acme.sh --issue --webroot /usr/share/apache2/htdocs/WhatEverDirectoryIsTheRootForWebSite --domain WhatEverDomainName.xyz --home /etc/acme --cert-home /etc/acme/certs --config-home /etc/acme/config | ||
*Subject Alternative Names can be used too (IE, more than one Domain Name can be associated with a certificate): | *Subject Alternative Names can be used too (IE, more than one Domain Name can be associated with a certificate): | ||
**/usr/lib/acme/acme.sh --issue --webroot /usr/share/apache2/htdocs --domain WhatEverDomainName.xyz,WhatEverOtherDomainName.xyz,Another.xyz,AndSoOn.xyz --home /etc/acme --cert-home /etc/acme/certs --config-home /etc/acme/config | **/usr/lib/acme/acme.sh --issue --webroot /usr/share/apache2/htdocs --domain WhatEverDomainName.xyz,WhatEverOtherDomainName.xyz,Another.xyz,AndSoOn.xyz --home /etc/acme --cert-home /etc/acme/certs --config-home /etc/acme/config | ||