You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

113 lines
3.3 KiB

8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
  1. # Using deploy api
  2. Before you can deploy your cert, you must [issue the cert first](https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert).
  3. Here are the scripts to deploy the certs/key to the server/services.
  4. ## 1. Deploy the certs to your cpanel host.
  5. If you want to deploy using cpanel UAPI see 7.
  6. (cpanel deploy hook is not finished yet, this is just an example.)
  7. Then you can deploy now:
  8. ```sh
  9. export DEPLOY_CPANEL_USER=myusername
  10. export DEPLOY_CPANEL_PASSWORD=PASSWORD
  11. acme.sh --deploy -d example.com --deploy-hook cpanel
  12. ```
  13. ## 2. Deploy ssl cert on kong proxy engine based on api.
  14. Before you can deploy your cert, you must [issue the cert first](https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert).
  15. Currently supports Kong-v0.10.x.
  16. ```sh
  17. acme.sh --deploy -d ftp.example.com --deploy-hook kong
  18. ```
  19. ## 3. Deploy the cert to remote server through SSH access.
  20. (TODO)
  21. ## 4. Deploy the cert to local vsftpd server.
  22. ```sh
  23. acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd
  24. ```
  25. The default vsftpd conf file is `/etc/vsftpd.conf`, if your vsftpd conf is not in the default location, you can specify one:
  26. ```sh
  27. export DEPLOY_VSFTPD_CONF="/etc/vsftpd.conf"
  28. acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd
  29. ```
  30. The default command to restart vsftpd server is `service vsftpd restart`, if it doesn't work, you can specify one:
  31. ```sh
  32. export DEPLOY_VSFTPD_RELOAD="/etc/init.d/vsftpd restart"
  33. acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd
  34. ```
  35. ## 5. Deploy the cert to local exim4 server.
  36. ```sh
  37. acme.sh --deploy -d ftp.example.com --deploy-hook exim4
  38. ```
  39. The default exim4 conf file is `/etc/exim/exim.conf`, if your exim4 conf is not in the default location, you can specify one:
  40. ```sh
  41. export DEPLOY_EXIM4_CONF="/etc/exim4/exim4.conf.template"
  42. acme.sh --deploy -d ftp.example.com --deploy-hook exim4
  43. ```
  44. The default command to restart exim4 server is `service exim4 restart`, if it doesn't work, you can specify one:
  45. ```sh
  46. export DEPLOY_EXIM4_RELOAD="/etc/init.d/exim4 restart"
  47. acme.sh --deploy -d ftp.example.com --deploy-hook exim4
  48. ```
  49. ## 6. Deploy the cert to OSX Keychain
  50. ```sh
  51. acme.sh --deploy -d ftp.example.com --deploy-hook keychain
  52. ```
  53. ## 7. Deploy to cpanel host using UAPI
  54. This hook is using UAPI and works in cPanel & WHM version 56 or newer.
  55. ```
  56. acme.sh --deploy -d example.com --deploy-hook cpanel_uapi
  57. ```
  58. DEPLOY_CPANEL_USER is required only if you run the script as root and it should contain cpanel username.
  59. ```sh
  60. export DEPLOY_CPANEL_USER=username
  61. acme.sh --deploy -d example.com --deploy-hook cpanel_uapi
  62. ```
  63. Please note, that the cpanel_uapi hook will deploy only the first domain when your certificate will automatically renew. Therefore you should issue a separete certificate for each domain.
  64. ## 8. Deploy the cert to your FRITZ!Box router
  65. You must specify the credentials that have administrative privileges on the FRITZ!Box in order to deploy the certificate, plus the URL of your FRITZ!Box, through the following environment variables:
  66. ```sh
  67. $ export DEPLOY_FRITZBOX_USERNAME=my_username
  68. $ export DEPLOY_FRITZBOX_PASSWORD=the_password
  69. $ export DEPLOY_FRITZBOX_URL=https://fritzbox.example.com
  70. ```
  71. After the first deployment, these values will be stored in your $HOME/.acme.sh/account.conf. You may now deploy the certificate like this:
  72. ```sh
  73. acme.sh --deploy -d fritz.box --deploy-hook fritzbox
  74. ```