In this article, we will learn about using ACME to request a SSL certificate from the well_know authorities.

1. Install ACME.SH

Installation via command line, executing:

1
2
cd
curl https://get.acme.sh | sh -s email=my@example.com

2. Using ACME.SH

If you installed correctly, on the same folder as you current visit will have a folder called acme.sh but is hidden, you could using following bash command to show if it exist:

1
ls -a

If exist, there should be a folder called .acme.sh, then please enter that folder by executing:

1
cd .acme.sh

There are couple ways to using this

  1. Using Nginx to create a page to pass the verification (Not planning to implement)
  2. Using DNS record to pass the verification (As show below)

Using DNS record to pass the verification

  1. Visit the DNS documentation, to configure the environment, picking Cloudflare as example. For one domain website, execute:
1
2
export CF_Token="{Your CloudFlare Token}"
export CF_Zone_ID="{Your Domain Zone ID}"

where you could create a CF_Token by visiting the Token Page, create a token which allowing to edit that specific domain. And the CF_Zone_ID will be the right column of your domain home page

Or if you are using multi-domain, please execute:

1
2
export CF_Token="{Your CloudFlare Token}"
export CF_Account_ID="{Your CloudFlare Account ID}"
  1. Apply for SSL using acme.sh by executing:
1
./acme.sh --issue --dns dns_cf -d your.domain -d "*.your.domain"

where this will generate all subdomain from that origin domain and the path of storage the SSL certificate will shown after finish creation.