Acme

An ACME protocol client written purely in Shell (Unix shell) language.

GitHub

Install

git clone https://github.com/Neilpang/acme.sh.git
cd ./acme.sh
./acme.sh --install

Register account

acme.sh --register-account

Configure Nginx

server {
...
  location ~ "^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$" {
    default_type text/plain;
    return 200 "$1.YOURTHUMBPRINT";
  }
...
}

Issue a certificate

acme.sh --issue -d example.com -d www.example.com  --stateless

Install the certificate

acme.sh --install-cert -d example.com \
--keypath       /etc/nginx/certificates/example.com.key  \
--fullchainpath /etc/nginx/certificates/example.com.pem \
--reloadcmd     "service nginx force-reload"

Configure vhost

server {
...
  listen 443 ssl;
  listen [::]:443 ssl;

  ssl_certificate /etc/nginx/certificates/example.com.pem;
  ssl_certificate_key /etc/nginx/certificates/example.com.key;

  if ($scheme = http) {
    return 301 https://$server_name$request_uri;
  }
...
}