]> git.proxmox.com Git - mirror_acme.sh.git/blame - README.md
Make domain names available to pre hook
[mirror_acme.sh.git] / README.md
CommitLineData
d9f9477a 1# An ACME Shell script: acme.sh
e66337a1 2
20082ec9 3[![FreeBSD](https://github.com/acmesh-official/acme.sh/actions/workflows/FreeBSD.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/FreeBSD.yml)
4[![MacOS](https://github.com/acmesh-official/acme.sh/actions/workflows/MacOS.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/MacOS.yml)
5[![Ubuntu](https://github.com/acmesh-official/acme.sh/actions/workflows/Ubuntu.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Ubuntu.yml)
6[![Windows](https://github.com/acmesh-official/acme.sh/actions/workflows/Windows.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Windows.yml)
7[![Solaris](https://github.com/acmesh-official/acme.sh/actions/workflows/Solaris.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Solaris.yml)
c7285967 8
c2214cd4 9![Shellcheck](https://github.com/acmesh-official/acme.sh/workflows/Shellcheck/badge.svg)
10![PebbleStrict](https://github.com/acmesh-official/acme.sh/workflows/PebbleStrict/badge.svg)
11![DockerHub](https://github.com/acmesh-official/acme.sh/workflows/Build%20DockerHub/badge.svg)
966c7449 12
319d49dd 13
72235a5f 14<a href="https://opencollective.com/acmesh" alt="Financial Contributors on Open Collective"><img src="https://opencollective.com/acmesh/all/badge.svg?label=financial+contributors" /></a>
15[![Join the chat at https://gitter.im/acme-sh/Lobby](https://badges.gitter.im/acme-sh/Lobby.svg)](https://gitter.im/acme-sh/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
1f5cafc2 16[![Docker stars](https://img.shields.io/docker/stars/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
17[![Docker pulls](https://img.shields.io/docker/pulls/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
966c7449 18
236e8cc9 19
5c295254 20
99dc89c0 21- An ACME protocol client written purely in Shell (Unix shell) language.
1bb90298 22- Full ACME protocol implementation.
ac999339 23- Support ECDSA certs
24- Support SAN and wildcard certs
1bb90298
AL
25- Simple, powerful and very easy to use. You only need 3 minutes to learn it.
26- Bash, dash and sh compatible.
ac999339 27- Purely written in Shell with no dependencies on python.
1bb90298 28- Just one script to issue, renew and install your certificates automatically.
1f60d2bb 29- DOES NOT require `root/sudoer` access.
ac999339 30- Docker ready
31- IPv6 ready
5d468f7c 32- Cron job notifications for renewal or error etc.
6c0ab5d2 33
ac999339 34It's probably the `easiest & smartest` shell script to automatically issue & renew the free certificates.
6c0ab5d2 35
d795fac3 36Wiki: https://github.com/acmesh-official/acme.sh/wiki
de9fd54e 37
d795fac3 38For Docker Fans: [acme.sh :two_hearts: Docker ](https://github.com/acmesh-official/acme.sh/wiki/Run-acme.sh-in-docker)
1bb90298 39
08998032 40Twitter: [@neilpangxa](https://twitter.com/neilpangxa)
41
42
d795fac3 43# [中文说明](https://github.com/acmesh-official/acme.sh/wiki/%E8%AF%B4%E6%98%8E)
fe04faf6 44
bae50da7 45# Who:
6f1c72f5 46- [FreeBSD.org](https://blog.crashed.org/letsencrypt-in-freebsd-org/)
47- [ruby-china.org](https://ruby-china.org/topics/31983)
aaca0b6f 48- [Proxmox](https://pve.proxmox.com/wiki/Certificate_Management)
6f1c72f5 49- [pfsense](https://github.com/pfsense/FreeBSD-ports/pull/89)
50- [webfaction](https://community.webfaction.com/questions/19988/using-letsencrypt)
51- [Loadbalancer.org](https://www.loadbalancer.org/blog/loadbalancer-org-with-lets-encrypt-quick-and-dirty)
52- [discourse.org](https://meta.discourse.org/t/setting-up-lets-encrypt/40709)
26c669e4 53- [Centminmod](https://centminmod.com/letsencrypt-acmetool-https.html)
6f1c72f5 54- [splynx](https://forum.splynx.com/t/free-ssl-cert-for-splynx-lets-encrypt/297)
7ff52546 55- [archlinux](https://www.archlinux.org/packages/community/any/acme.sh)
9cf65e31 56- [opnsense.org](https://github.com/opnsense/plugins/tree/master/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient)
a5c1c303 57- [CentOS Web Panel](http://centos-webpanel.com/)
58- [lnmp.org](https://lnmp.org/)
d795fac3 59- [more...](https://github.com/acmesh-official/acme.sh/wiki/Blogs-and-tutorials)
1bb90298
AL
60
61# Tested OS
62
daf56504 63| NO | Status| Platform|
64|----|-------|---------|
20082ec9 65|1|[![MacOS](https://github.com/acmesh-official/acme.sh/actions/workflows/MacOS.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/MacOS.yml)|Mac OSX
66|2|[![Windows](https://github.com/acmesh-official/acme.sh/actions/workflows/Windows.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Windows.yml)|Windows (cygwin with curl, openssl and crontab included)
41f4baad 67|3|[![FreeBSD](https://github.com/acmesh-official/acme.sh/actions/workflows/FreeBSD.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/FreeBSD.yml)|FreeBSD
68|4|[![Solaris](https://github.com/acmesh-official/acme.sh/actions/workflows/Solaris.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Solaris.yml)|Solaris
20082ec9 69|5|[![Ubuntu](https://github.com/acmesh-official/acme.sh/actions/workflows/Ubuntu.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Ubuntu.yml)| Ubuntu
3d7375be 70|6|NA|pfsense
71|7|NA|OpenBSD
72|8|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)| Debian
73|9|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|CentOS
74|10|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|openSUSE
75|11|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|Alpine Linux (with curl)
76|12|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|Archlinux
77|13|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|fedora
78|14|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|Kali Linux
79|15|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|Oracle Linux
41f4baad 80|16|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|Mageia
81|17|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|Gentoo Linux
82|18|[![Linux](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml/badge.svg)](https://github.com/acmesh-official/acme.sh/actions/workflows/Linux.yml)|ClearLinux
83|19|-----| Cloud Linux https://github.com/acmesh-official/acme.sh/issues/111
84|20|-----| OpenWRT: Tested and working. See [wiki page](https://github.com/acmesh-official/acme.sh/wiki/How-to-run-on-OpenWRT)
85|21|[![](https://acmesh-official.github.io/acmetest/status/proxmox.svg)](https://github.com/acmesh-official/letest#here-are-the-latest-status)| Proxmox: See Proxmox VE Wiki. Version [4.x, 5.0, 5.1](https://pve.proxmox.com/wiki/HTTPS_Certificate_Configuration_(Version_4.x,_5.0_and_5.1)#Let.27s_Encrypt_using_acme.sh), version [5.2 and up](https://pve.proxmox.com/wiki/Certificate_Management)
20082ec9 86
6c0ab5d2 87
3d7375be 88Check our [testing project](https://github.com/acmesh-official/acmetest):
6c0ab5d2 89
d795fac3 90https://github.com/acmesh-official/acmetest
07f4ec4f 91
c4094c68 92# Supported CA
93
8ae08b29 94- [ZeroSSL.com CA](https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA)(default)
95- Letsencrypt.org CA
d795fac3 96- [BuyPass.com CA](https://github.com/acmesh-official/acme.sh/wiki/BuyPass.com-CA)
53d6ab6c 97- [SSL.com CA](https://github.com/acmesh-official/acme.sh/wiki/SSL.com-CA)
693d692a 98- [Pebble strict Mode](https://github.com/letsencrypt/pebble)
ab6b9006 99- Any other [RFC8555](https://tools.ietf.org/html/rfc8555)-compliant CA
2b45dba5 100
1bb90298 101# Supported modes
2c75b3fd 102
1bb90298
AL
103- Webroot mode
104- Standalone mode
c9baca79 105- Standalone tls-alpn mode
1bb90298 106- Apache mode
d5865989 107- Nginx mode
1bb90298 108- DNS mode
d795fac3 109- [DNS alias mode](https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode)
110- [Stateless mode](https://github.com/acmesh-official/acme.sh/wiki/Stateless-Mode)
2b45dba5 111
e8cce73a 112
df1c9d88 113# 1. How to install
6c0ab5d2 114
1bb90298 115### 1. Install online
6c0ab5d2 116
d795fac3 117Check this project: https://github.com/acmesh-official/get.acme.sh
b0515cf8 118
2b45dba5 119```bash
565ca81b 120curl https://get.acme.sh | sh -s email=my@example.com
90dda23f 121```
122
123Or:
2b45dba5
SF
124
125```bash
565ca81b 126wget -O - https://get.acme.sh | sh -s email=my@example.com
90dda23f 127```
128
129
1bb90298 130### 2. Or, Install from git
2b45dba5 131
1bb90298 132Clone this project and launch installation:
2b45dba5
SF
133
134```bash
d795fac3 135git clone https://github.com/acmesh-official/acme.sh.git
2b45dba5 136cd ./acme.sh
565ca81b 137./acme.sh --install -m my@example.com
6c0ab5d2 138```
90dda23f 139
2b45dba5
SF
140You `don't have to be root` then, although `it is recommended`.
141
d795fac3 142Advanced Installation: https://github.com/acmesh-official/acme.sh/wiki/How-to-install
d9ded9f3 143
2b45dba5 144The installer will perform 3 actions:
7a894c4c 145
1bb90298
AL
1461. Create and copy `acme.sh` to your home dir (`$HOME`): `~/.acme.sh/`.
147All certs will be placed in this folder too.
1482. Create alias for: `acme.sh=~/.acme.sh/acme.sh`.
1493. Create daily cron job to check and renew the certs if needed.
2b45dba5
SF
150
151Cron entry example:
152
153```bash
1540 0 * * * "/home/user/.acme.sh"/acme.sh --cron --home "/home/user/.acme.sh" > /dev/null
155```
acc1e53a 156
1bb90298
AL
157After the installation, you must close the current terminal and reopen it to make the alias take effect.
158
159Ok, you are ready to issue certs now.
acc1e53a 160
6c0ab5d2 161Show help message:
2b45dba5 162
e27dfbb0 163```sh
39c8f79f 164root@v1:~# acme.sh -h
6c0ab5d2 165```
1bb90298
AL
166
167# 2. Just issue a cert
2400e41f 168
2b45dba5 169**Example 1:** Single domain.
2400e41f 170
2b45dba5 171```bash
caa2e45a 172acme.sh --issue -d example.com -w /home/wwwroot/example.com
6c0ab5d2 173```
2b45dba5 174
4c38fec3 175or:
176
177```bash
178acme.sh --issue -d example.com -w /home/username/public_html
179```
180
181or:
182
183```bash
184acme.sh --issue -d example.com -w /var/www/html
185```
186
2b45dba5
SF
187**Example 2:** Multiple domains in the same cert.
188
189```bash
1bb90298 190acme.sh --issue -d example.com -d www.example.com -d cp.example.com -w /home/wwwroot/example.com
6c0ab5d2 191```
2400e41f 192
4c38fec3 193The parameter `/home/wwwroot/example.com` or `/home/username/public_html` or `/var/www/html` is the web root folder where you host your website files. You **MUST** have `write access` to this folder.
6c0ab5d2 194
1bb90298
AL
195Second argument **"example.com"** is the main domain you want to issue the cert for.
196You must have at least one domain there.
6c0ab5d2 197
caa2e45a 198You must point and bind all the domains to the same webroot dir: `/home/wwwroot/example.com`.
6c0ab5d2 199
e27dfbb0 200The certs will be placed in `~/.acme.sh/example.com/`
6c0ab5d2 201
e27dfbb0 202The certs will be renewed automatically every **60** days.
6c0ab5d2 203
d795fac3 204More examples: https://github.com/acmesh-official/acme.sh/wiki/How-to-issue-a-cert
a63b05a9 205
206
e27dfbb0 207# 3. Install the cert to Apache/Nginx etc.
a63b05a9 208
e27dfbb0 209After the cert is generated, you probably want to install/copy the cert to your Apache/Nginx or other servers.
1bb90298 210You **MUST** use this command to copy the certs to the target files, **DO NOT** use the certs files in **~/.acme.sh/** folder, they are for internal use only, the folder structure may change in the future.
2b45dba5 211
1bb90298 212**Apache** example:
2b45dba5 213```bash
cd9c3a79 214acme.sh --install-cert -d example.com \
5c539af7 215--cert-file /path/to/certfile/in/apache/cert.pem \
216--key-file /path/to/keyfile/in/apache/key.pem \
217--fullchain-file /path/to/fullchain/certfile/apache/fullchain.pem \
4743171b 218--reloadcmd "service apache2 force-reload"
3c33cdfa 219```
220
1bb90298 221**Nginx** example:
3c33cdfa 222```bash
cd9c3a79 223acme.sh --install-cert -d example.com \
5c539af7 224--key-file /path/to/keyfile/in/nginx/key.pem \
225--fullchain-file /path/to/fullchain/nginx/cert.pem \
4743171b 226--reloadcmd "service nginx force-reload"
6c0ab5d2 227```
7a894c4c 228
a63b05a9 229Only the domain is required, all the other parameters are optional.
230
e27dfbb0 231The ownership and permission info of existing files are preserved. You can pre-create the files to define the ownership and permission.
fe600441 232
e27dfbb0 233Install/copy the cert/key to the production Apache or Nginx path.
1bb90298 234
61852447 235The cert will be renewed every **60** days by default (which is configurable). Once the cert is renewed, the Apache/Nginx service will be reloaded automatically by the command: `service apache2 force-reload` or `service nginx force-reload`.
7a894c4c 236
6c0ab5d2 237
58f75313 238**Please take care: The reloadcmd is very important. The cert can be automatically renewed, but, without a correct 'reloadcmd' the cert may not be flushed to your server(like nginx or apache), then your website will not be able to show renewed cert in 60 days.**
bae50da7 239
df1c9d88 240# 4. Use Standalone server to issue cert
6c0ab5d2 241
1bb90298 242**(requires you to be root/sudoer or have permission to listen on port 80 (TCP))**
072290f2 243
1bb90298 244Port `80` (TCP) **MUST** be free to listen on, otherwise you will be prompted to free it and try again.
2b45dba5
SF
245
246```bash
caa2e45a 247acme.sh --issue --standalone -d example.com -d www.example.com -d cp.example.com
072290f2
N
248```
249
d795fac3 250More examples: https://github.com/acmesh-official/acme.sh/wiki/How-to-issue-a-cert
a63b05a9 251
c9baca79 252# 5. Use Standalone ssl server to issue cert
e22bcf7c 253
c9baca79 254**(requires you to be root/sudoer or have permission to listen on port 443 (TCP))**
255
256Port `443` (TCP) **MUST** be free to listen on, otherwise you will be prompted to free it and try again.
257
258```bash
259acme.sh --issue --alpn -d example.com -d www.example.com -d cp.example.com
260```
261
d795fac3 262More examples: https://github.com/acmesh-official/acme.sh/wiki/How-to-issue-a-cert
c9baca79 263
264
265# 6. Use Apache mode
2b45dba5 266
1bb90298 267**(requires you to be root/sudoer, since it is required to interact with Apache server)**
2b45dba5 268
e8defd82 269If you are running a web server, it is recommended to use the `Webroot mode`.
a63b05a9 270
d5865989 271Particularly, if you are running an Apache server, you can use Apache mode instead. This mode doesn't write any files to your web root folder.
2c75b3fd 272
1bb90298 273Just set string "apache" as the second argument and it will force use of apache plugin automatically.
2c75b3fd 274
e27dfbb0 275```sh
1bb90298 276acme.sh --issue --apache -d example.com -d www.example.com -d cp.example.com
2c75b3fd 277```
a63b05a9 278
84d80e93 279**This apache mode is only to issue the cert, it will not change your apache config files.
d5865989 280You will need to configure your website config files to use the cert by yourself.
f8662c9b 281We don't want to mess with your apache server, don't worry.**
d5865989 282
d795fac3 283More examples: https://github.com/acmesh-official/acme.sh/wiki/How-to-issue-a-cert
2c75b3fd 284
c9baca79 285# 7. Use Nginx mode
1bb90298 286
9d725af6 287**(requires you to be root/sudoer, since it is required to interact with Nginx server)**
288
e8defd82 289If you are running a web server, it is recommended to use the `Webroot mode`.
9d725af6 290
291Particularly, if you are running an nginx server, you can use nginx mode instead. This mode doesn't write any files to your web root folder.
292
293Just set string "nginx" as the second argument.
294
295It will configure nginx server automatically to verify the domain and then restore the nginx config to the original version.
296
297So, the config is not changed.
298
e27dfbb0 299```sh
9d725af6 300acme.sh --issue --nginx -d example.com -d www.example.com -d cp.example.com
301```
302
84d80e93 303**This nginx mode is only to issue the cert, it will not change your nginx config files.
d5865989 304You will need to configure your website config files to use the cert by yourself.
f8662c9b 305We don't want to mess with your nginx server, don't worry.**
d5865989 306
d795fac3 307More examples: https://github.com/acmesh-official/acme.sh/wiki/How-to-issue-a-cert
9d725af6 308
c9baca79 309# 8. Automatic DNS API integration
a947dbc6 310
1bb90298 311If your DNS provider supports API access, we can use that API to automatically issue the certs.
6c0ab5d2 312
1bb90298 313You don't have to do anything manually!
ab497961 314
236acbd6 315### Currently acme.sh supports most of the dns providers:
316
d795fac3 317https://github.com/acmesh-official/acme.sh/wiki/dnsapi
ab497961 318
c9baca79 319# 9. Use DNS manual mode:
e27dfbb0 320
d795fac3 321See: https://github.com/acmesh-official/acme.sh/wiki/dns-manual-mode first.
46ac97a3 322
f190de39 323If your dns provider doesn't support any api access, you can add the txt record by hand.
e27dfbb0 324
325```bash
326acme.sh --issue --dns -d example.com -d www.example.com -d cp.example.com
327```
328
329You should get an output like below:
330
331```sh
332Add the following txt record:
333Domain:_acme-challenge.example.com
334Txt value:9ihDbjYfTExAYeDs4DBUeuTo18KBzwvTEjUnSwd32-c
335
336Add the following txt record:
337Domain:_acme-challenge.www.example.com
338Txt value:9ihDbjxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
339
340Please add those txt records to the domains. Waiting for the dns to take effect.
341```
342
343Then just rerun with `renew` argument:
344
345```bash
346acme.sh --renew -d example.com
347```
348
349Ok, it's done.
350
351**Take care, this is dns manual mode, it can not be renewed automatically. you will have to add a new txt record to your domain by your hand when you renew your cert.**
352
353**Please use dns api mode instead.**
ab497961 354
c9baca79 355# 10. Issue ECC certificates
2b45dba5 356
1bb90298 357`Let's Encrypt` can now issue **ECDSA** certificates.
2b45dba5 358
1bb90298 359And we support them too!
1add47a6 360
d5865989 361Just set the `keylength` parameter with a prefix `ec-`.
2b45dba5 362
1add47a6 363For example:
9e6c4208 364
bcbecff6 365### Single domain ECC certificate
9e6c4208 366
2b45dba5 367```bash
1bb90298 368acme.sh --issue -w /home/wwwroot/example.com -d example.com --keylength ec-256
1add47a6 369```
2b45dba5 370
1bb90298 371### SAN multi domain ECC certificate
2b45dba5
SF
372
373```bash
1bb90298 374acme.sh --issue -w /home/wwwroot/example.com -d example.com -d www.example.com --keylength ec-256
9e6c4208
N
375```
376
d5865989 377Please look at the `keylength` parameter above.
1add47a6 378
379Valid values are:
380
2b45dba5
SF
3811. **ec-256 (prime256v1, "ECDSA P-256")**
3822. **ec-384 (secp384r1, "ECDSA P-384")**
3833. **ec-521 (secp521r1, "ECDSA P-521", which is not supported by Let's Encrypt yet.)**
1add47a6 384
df1c9d88 385
df1c9d88 386
c9baca79 387# 11. Issue Wildcard certificates
df1c9d88 388
e27dfbb0 389It's simple, just give a wildcard domain as the `-d` parameter.
df1c9d88 390
e27dfbb0 391```sh
f2aa5c02 392acme.sh --issue -d example.com -d '*.example.com' --dns dns_cf
df1c9d88 393```
e27dfbb0 394
395
396
c9baca79 397# 12. How to renew the certs
e27dfbb0 398
399No, you don't need to renew the certs manually. All the certs will be renewed automatically every **60** days.
400
401However, you can also force to renew a cert:
402
403```sh
1bb90298 404acme.sh --renew -d example.com --force
df1c9d88 405```
406
407or, for ECC cert:
1bb90298 408
e27dfbb0 409```sh
1bb90298 410acme.sh --renew -d example.com --force --ecc
df1c9d88 411```
412
1bb90298 413
c9baca79 414# 13. How to stop cert renewal
a4964b90 415
e27dfbb0 416To stop renewal of a cert, you can execute the following to remove the cert from the renewal list:
a4964b90 417
e27dfbb0 418```sh
a4964b90
FW
419acme.sh --remove -d example.com [--ecc]
420```
421
e27dfbb0 422The cert/key file is not removed from the disk.
a4964b90 423
e27dfbb0 424You can remove the respective directory (e.g. `~/.acme.sh/example.com`) by yourself.
a4964b90 425
e27dfbb0 426
c9baca79 427# 14. How to upgrade `acme.sh`
1bb90298 428
329174b6 429acme.sh is in constant development, so it's strongly recommended to use the latest code.
df1c9d88 430
431You can update acme.sh to the latest code:
1bb90298 432
e27dfbb0 433```sh
df1c9d88 434acme.sh --upgrade
435```
436
1bb90298
AL
437You can also enable auto upgrade:
438
e27dfbb0 439```sh
1bb90298 440acme.sh --upgrade --auto-upgrade
59649e9b 441```
1bb90298
AL
442
443Then **acme.sh** will be kept up to date automatically.
59649e9b 444
445Disable auto upgrade:
1bb90298 446
e27dfbb0 447```sh
1bb90298 448acme.sh --upgrade --auto-upgrade 0
59649e9b 449```
450
1bb90298 451
c9baca79 452# 15. Issue a cert from an existing CSR
8371b030 453
d795fac3 454https://github.com/acmesh-official/acme.sh/wiki/Issue-a-cert-from-existing-CSR
8371b030 455
456
5d468f7c 457# 16. Send notifications in cronjob
458
d795fac3 459https://github.com/acmesh-official/acme.sh/wiki/notify
5d468f7c 460
461
462# 17. Under the Hood
6c0ab5d2 463
99dc89c0 464Speak ACME language using shell, directly to "Let's Encrypt".
6c0ab5d2
N
465
466TODO:
467
1bb90298 468
5d468f7c 469# 18. Acknowledgments
1bb90298 470
63f04675
N
4711. Acme-tiny: https://github.com/diafygi/acme-tiny
4722. ACME protocol: https://github.com/ietf-wg-acme/acme
63f04675 473
1bb90298 474
683592fa 475## Contributors
476
477### Code Contributors
478
6621ef6a 479This project exists thanks to all the people who contribute.
d795fac3 480<a href="https://github.com/acmesh-official/acme.sh/graphs/contributors"><img src="https://opencollective.com/acmesh/contributors.svg?width=890&button=false" /></a>
683592fa 481
482### Financial Contributors
483
484Become a financial contributor and help us sustain our community. [[Contribute](https://opencollective.com/acmesh/contribute)]
485
486#### Individuals
487
488<a href="https://opencollective.com/acmesh"><img src="https://opencollective.com/acmesh/individuals.svg?width=890"></a>
489
490#### Organizations
491
492Support this project with your organization. Your logo will show up here with a link to your website. [[Contribute](https://opencollective.com/acmesh/contribute)]
493
494<a href="https://opencollective.com/acmesh/organization/0/website"><img src="https://opencollective.com/acmesh/organization/0/avatar.svg"></a>
495<a href="https://opencollective.com/acmesh/organization/1/website"><img src="https://opencollective.com/acmesh/organization/1/avatar.svg"></a>
496<a href="https://opencollective.com/acmesh/organization/2/website"><img src="https://opencollective.com/acmesh/organization/2/avatar.svg"></a>
497<a href="https://opencollective.com/acmesh/organization/3/website"><img src="https://opencollective.com/acmesh/organization/3/avatar.svg"></a>
498<a href="https://opencollective.com/acmesh/organization/4/website"><img src="https://opencollective.com/acmesh/organization/4/avatar.svg"></a>
499<a href="https://opencollective.com/acmesh/organization/5/website"><img src="https://opencollective.com/acmesh/organization/5/avatar.svg"></a>
500<a href="https://opencollective.com/acmesh/organization/6/website"><img src="https://opencollective.com/acmesh/organization/6/avatar.svg"></a>
501<a href="https://opencollective.com/acmesh/organization/7/website"><img src="https://opencollective.com/acmesh/organization/7/avatar.svg"></a>
502<a href="https://opencollective.com/acmesh/organization/8/website"><img src="https://opencollective.com/acmesh/organization/8/avatar.svg"></a>
503<a href="https://opencollective.com/acmesh/organization/9/website"><img src="https://opencollective.com/acmesh/organization/9/avatar.svg"></a>
504
5d468f7c 505# 19. License & Others
6c0ab5d2
N
506
507License is GPLv3
508
1d06c947 509Please Star and Fork me.
6c0ab5d2 510
d795fac3 511[Issues](https://github.com/acmesh-official/acme.sh/issues) and [pull requests](https://github.com/acmesh-official/acme.sh/pulls) are welcome.
6c0ab5d2
N
512
513
5d468f7c 514# 20. Donate
cb6f6229 515Your donation makes **acme.sh** better:
6c0ab5d2 516
43d3b51b 5171. PayPal/Alipay(支付宝)/Wechat(微信): [https://donate.acme.sh/](https://donate.acme.sh/)
84d80e93 518
d795fac3 519[Donate List](https://github.com/acmesh-official/acme.sh/wiki/Donate-list)