-
-
Notifications
You must be signed in to change notification settings - Fork 5k
ZeroSSL.com CA
Using ZeroSSL.com CA
See also: https://github.com/acmesh-official/acme.sh/wiki/Change-default-CA-to-ZeroSSL
ZeroSSL doesn't have staging and no production rate limit, you can issue unlimited SSL of 90 days.
Alternatively you can create account and grab your acme credentials faster on ZeroSSL and even manage issued SSL.
https://zerossl.com/letsencrypt-alternative/#acme
Note: From acme.sh v3.0.0, acme.sh is using Zerossl as default ca, you must register the account first(one-time) before you can issue new certs.
acme.sh --register-account -m [email protected] --server zerossl
If you already have an account at www.zerossl.com,
you can also register your acme account with External Account Binding (EAB) credentials.
1. Generate your EAB credentials at: https://app.zerossl.com/developer
2. Register acme account:
acme.sh --register-account --server zerossl \
--eab-kid xxxxxxxxxxxx \
--eab-hmac-key xxxxxxxxx
acme.sh --server zerossl \
--issue -d example.com \
--dns dns_cf
3. If you don't want to specify --server zerossl every time you issue a cert, you can set zerossl as the default CA:
acme.sh --set-default-ca --server zerossl
See: https://github.com/acmesh-official/acme.sh/wiki/Server
Then you can issue any cert from zerossl:
acme.sh --issue -d example.com --dns dns_cf
More details:
https://github.com/acmesh-official/acme.sh/wiki/How-to-issue-a-cert
Buy me a beer, Donate to acme.sh if it saves your time. Your donation makes acme.sh better: https://donate.acme.sh/
如果 acme.sh 帮你节省了时间,请考虑赏我一杯啤酒🍺, 捐助: https://donate.acme.sh/ 你的支持将会使得 acme.sh 越来越好. 感谢