Generating a free Let's Encrypt certificate
Installing acme.sh
Run it directly:
root@secure-pony-4:~# acme.sh --issue -d deepin.tv --nginx
[Fri Jan 20 04:57:12 UTC 2023] Using CA: https://acme.zerossl.com/v2/DV90
[Fri Jan 20 04:57:13 UTC 2023] Create account key ok.
[Fri Jan 20 04:57:13 UTC 2023] No EAB credentials found for ZeroSSL, let's get one
[Fri Jan 20 04:57:13 UTC 2023] acme.sh is using ZeroSSL as default CA now.
[Fri Jan 20 04:57:13 UTC 2023] Please update your account with an email address first.
[Fri Jan 20 04:57:13 UTC 2023] acme.sh --register-account -m my@example.com
[Fri Jan 20 04:57:13 UTC 2023] See: https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA
[Fri Jan 20 04:57:13 UTC 2023] Please add '--debug' or '--log' to check more details.
[Fri Jan 20 04:57:13 UTC 2023] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
The output reports that no email address has been configured for the account: Please update your account with an email address first.
So install again, this time passing the email address:
curl https://get.acme.sh | sh -s email=emailAddr
After running it, the log looks like this:
[Fri Jan 20 05:03:17 UTC 2023] Installing from online archive.
[Fri Jan 20 05:03:17 UTC 2023] Downloading https://github.com/acmesh-official/acme.sh/archive/master.tar.gz
[Fri Jan 20 05:03:18 UTC 2023] Extracting master.tar.gz
[Fri Jan 20 05:03:18 UTC 2023] It is recommended to install socat first.
[Fri Jan 20 05:03:18 UTC 2023] We use socat for standalone server if you use standalone mode.
[Fri Jan 20 05:03:18 UTC 2023] If you don't use standalone mode, just ignore this warning.
[Fri Jan 20 05:03:18 UTC 2023] Installing to /root/.acme.sh
[Fri Jan 20 05:03:18 UTC 2023] Installed to /root/.acme.sh/acme.sh
[Fri Jan 20 05:03:18 UTC 2023] Installing alias to '/root/.bashrc'
[Fri Jan 20 05:03:18 UTC 2023] OK, Close and reopen your terminal to start using acme.sh
[Fri Jan 20 05:03:18 UTC 2023] Installing cron job
18 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
[Fri Jan 20 05:03:18 UTC 2023] Good, bash is found, so change the shebang to use bash as preferred.
[Fri Jan 20 05:03:19 UTC 2023] OK
[Fri Jan 20 05:03:19 UTC 2023] Install success!
root@secure-pony-4:~# acme.sh --issue -d deepin.tv --nginx
[Fri Jan 20 05:03:42 UTC 2023] Using CA: https://acme.zerossl.com/v2/DV90
[Fri Jan 20 05:03:42 UTC 2023] No EAB credentials found for ZeroSSL, let's get one
[Fri Jan 20 05:03:45 UTC 2023] Registering account: https://acme.zerossl.com/v2/DV90
[Fri Jan 20 05:03:50 UTC 2023] Registered
[Fri Jan 20 05:03:50 UTC 2023] ACCOUNT_THUMBPRINT='PcdRtlFcp_SkXLECutgjwTjGMGLwrS9LNmWfgu5lKjE'
[Fri Jan 20 05:03:50 UTC 2023] Creating domain key
[Fri Jan 20 05:03:51 UTC 2023] The domain key is here: /root/.acme.sh/deepin.tv/deepin.tv.key
[Fri Jan 20 05:03:51 UTC 2023] Single domain='deepin.tv'
[Fri Jan 20 05:03:51 UTC 2023] Getting domain auth token for each domain
[Fri Jan 20 05:03:56 UTC 2023] Getting webroot for domain='deepin.tv'
[Fri Jan 20 05:03:57 UTC 2023] Verifying: deepin.tv
[Fri Jan 20 05:03:57 UTC 2023] Nginx mode for domain:deepin.tv
[Fri Jan 20 05:03:57 UTC 2023] Can not find conf file for domain deepin.tv
[Fri Jan 20 05:03:57 UTC 2023] Please add '--debug' or '--log' to check more details.
[Fri Jan 20 05:03:57 UTC 2023] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
This time it reports that nginx has no server block whose server_name is deepin.tv. Add one to the nginx configuration, then run the command again:
root@secure-pony-4:/etc/nginx# acme.sh --issue -d deepin.tv --nginx
[Fri Jan 20 05:05:46 UTC 2023] Using CA: https://acme.zerossl.com/v2/DV90
[Fri Jan 20 05:05:46 UTC 2023] Single domain='deepin.tv'
[Fri Jan 20 05:05:47 UTC 2023] Getting domain auth token for each domain
[Fri Jan 20 05:05:54 UTC 2023] Getting webroot for domain='deepin.tv'
[Fri Jan 20 05:05:54 UTC 2023] Verifying: deepin.tv
[Fri Jan 20 05:05:54 UTC 2023] Nginx mode for domain:deepin.tv
[Fri Jan 20 05:05:54 UTC 2023] Found conf file: /etc/nginx/nginx.conf
[Fri Jan 20 05:05:54 UTC 2023] Backup /etc/nginx/nginx.conf to /root/.acme.sh/deepin.tv/backup/deepin.tv.nginx.conf
[Fri Jan 20 05:05:54 UTC 2023] Check the nginx conf before setting up.
[Fri Jan 20 05:05:54 UTC 2023] OK, Set up nginx config file
[Fri Jan 20 05:05:54 UTC 2023] nginx conf is done, let's check it again.
[Fri Jan 20 05:05:54 UTC 2023] Reload nginx
......
......
[Fri Jan 20 05:06:29 UTC 2023] Cert success.
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
[Fri Jan 20 05:06:29 UTC 2023] Your cert is in: /root/.acme.sh/deepin.tv/deepin.tv.cer
[Fri Jan 20 05:06:29 UTC 2023] Your cert key is in: /root/.acme.sh/deepin.tv/deepin.tv.key
[Fri Jan 20 05:06:29 UTC 2023] The intermediate CA cert is in: /root/.acme.sh/deepin.tv/ca.cer
[Fri Jan 20 05:06:29 UTC 2023] And the full chain certs is there: /root/.acme.sh/deepin.tv/fullchain.cer
Installing the certificate
acme.sh --install-cert -d deepin.tv -d *.deepin.tv \
  --key-file /root/.acme.sh/deepin.tv/deepin.tv.key \
  --fullchain-file /root/.acme.sh/deepin.tv/fullchain.cer \
  --reloadcmd "service nginx force-reload"
nginx configuration
user root;
worker_processes 1;
error_log /var/log/nginx/error.log info;
events {
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application/octet-stream;
    sendfile on;
    keepalive_timeout 65;
    server {
        listen 443 ssl;
        server_name deepin.tv;
        ssl_certificate /root/.acme.sh/deepin.tv/fullchain.cer;
        ssl_certificate_key /root/.acme.sh/deepin.tv/deepin.tv.key;
        location / {
            root /home/gitblog/projects/blog;
            index index.html index.htm;
        }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }

    # Listen on port 80 and redirect to 443
    server {
        listen 80;
        server_name deepin.tv;
        rewrite ^/(.*)$ https://deepin.tv:443/$1 permanent;
    }
}
Renewing the certificate
acme.sh --renew -d deepin.tv --force
Installing acme.sh also creates a cron job that checks every certificate once a day and renews any that are due. You can see it with crontab -l:
46 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
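Since both the install step and the daily cron renewal end in a silent nginx reload, it is worth having a check that fails loudly when the installed material is wrong. The script below is an added example, not code from the post or from the acme.sh project: it verifies that the private key matches the full-chain certificate, that the certificate still has at least a given number of days of validity (a cheap way to notice a cron renewal that stopped working), and that its SAN list covers the server_name nginx serves. The key and certificate it runs on are a self-signed pair generated inline for deepin.tv, constructed for the demo; to use it for real, point the paths at the files named in the acme.sh output and call check_tls_material from the script you pass to --reloadcmd, before the reload itself. It assumes openssl 1.1.1 or newer is installed.

```shell
#!/bin/sh
# Added example: sanity checks for the key/cert pair acme.sh installs,
# meant to run before nginx is reloaded and from a monitoring cron.
# Assumes openssl 1.1.1+ (needed for -addext in the demo material).

# Return 0 when the private key's public half equals the certificate's.
cert_key_match() {
    cert="$1"; key="$2"
    c=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null | openssl dgst -sha256)
    k=$(openssl pkey -in "$key" -pubout 2>/dev/null | openssl dgst -sha256)
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# Return 0 when the certificate is still valid for at least $2 more days.
cert_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null
}

# Return 0 when the Subject Alternative Name list contains DNS:$2 exactly.
cert_covers_name() {
    openssl x509 -in "$1" -noout -text \
        | grep -A1 'Subject Alternative Name' | tail -n 1 \
        | tr ',' '\n' | tr -d ' ' | grep -qx "DNS:$2"
}

# Combined gate: returns 0 only when all three checks pass, otherwise
# reports the first failing check on stderr and returns 1.
check_tls_material() {
    cert="$1"; key="$2"; name="$3"; min_days="${4:-7}"
    cert_key_match "$cert" "$key" \
        || { echo "FAIL: $key does not match $cert" >&2; return 1; }
    cert_valid_for_days "$cert" "$min_days" \
        || { echo "FAIL: $cert expires within $min_days days" >&2; return 1; }
    cert_covers_name "$cert" "$name" \
        || { echo "FAIL: $cert does not cover $name" >&2; return 1; }
    echo "ok: $cert matches $key and covers $name"
}

# Constructed demo material (hypothetical, not real deepin.tv files):
# a self-signed 90-day certificate for deepin.tv standing in for
# fullchain.cer, plus a second key that does NOT belong to it.
WORK=$(mktemp -d)
openssl req -x509 -newkey rsa:2048 -nodes -days 90 \
    -keyout "$WORK/deepin.tv.key" -out "$WORK/fullchain.cer" \
    -subj "/CN=deepin.tv" \
    -addext "subjectAltName=DNS:deepin.tv,DNS:www.deepin.tv" >/dev/null 2>&1
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$WORK/wrong.key" >/dev/null 2>&1

# Demo run: the real pair passes, the mismatched key is rejected.
check_tls_material "$WORK/fullchain.cer" "$WORK/deepin.tv.key" deepin.tv
check_tls_material "$WORK/fullchain.cer" "$WORK/wrong.key" deepin.tv \
    || echo "(mismatched key correctly rejected)"
```

Gating the reload on check_tls_material turns the two failure modes that otherwise surface as a browser error (a key that does not match its certificate, or a chain that is about to expire because renewal silently stopped) into a non-zero exit at install or cron time, which is where you want to see it.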
Updating acme.sh
acme.sh --upgrade

# keep acme.sh updating itself automatically
acme.sh --upgrade --auto-upgrade