Acme.sh

From WIKI

asme.sh - free open source solution for getting Lets Encrypt certificate. Benefits asme.sh:

  • Easy installation
  • Getting ECC-128,ECC-256,ECC-386 bits certificate
  • Integration with DNS hosting Сloudflare
  • Automatic certification
  • Support wildcard

Instructions for getting Lets Encrypt wildcard ECC certificate with DNS verification

apt install git
git clone https://github.com/Neilpang/acme.sh.git
cd ./acme.sh
./acme.sh --install

Import Cloudflare DNS API Keys

CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
export CF_Email="xxxx@sss.com"

Small ECC keys have the equivalent strength of larger RSA keys because of the algorithm used to generate them. For example, a 256-bit ECC key is equivalent to a 3072-bit RSA key and a 384-bit ECC key is equivalent to a 7680-bit RSA key! These strong, small keys allow encryption to stay ahead of computing power without having to simply create longer keys.

Get a wildcard ECC certificate Let's Encrypt.

sh acme.sh --issue --dns dns_cf -d example.com -d '*.example.com' --keylength ec-384

Renew

sh acme.sh --renew --dns dns_cf -d example.com -d '*.example.com' --ecc --force

Other Manual

Links