table of contents
ACME-TINY(1) | General Commands Manual | ACME-TINY(1) |
NAME¶
acme-tiny - letsencrypt tiny python client
SYNOPSIS¶
acme-tiny [-h] --account-key ACCOUNT_KEY --csr CSR --acme-dir ACME_DIR [--quiet] [--disable-check] [--directory-url DIRECTORY_URL] [--contact [CONTACT [CONTACT ...]]]
DESCRIPTION¶
This script automates the process of getting a signed TLS certificate from Let's Encrypt using the ACME protocol. It will need to be run on your server and have access to your private account key, so PLEASE READ THROUGH IT! It's only ~200 lines, so it won't take long.
OPTIONS¶
- -h, --help
- Show summary of options
- --account-key ACCOUNT_KEY
- Path to your Let's Encrypt account private key
- --csr CSR
- Path to your certificate signing request
- --acme-dir ACME_DIR
- Path to the .well-known/acme-challenge/ directory
- --quiet
- Suppress output except for errors
- --disable-check
- Disable checking if the challenge file is hosted correctly before telling the CA
- --directory-url DIRECTORY_URL
- Certificate authority directory url, default is Let's Encrypt
- --contact [CONTACT [CONTACT ...]]
- Contact details (e.g. mailto:aaa@bbb.com) for your account-key
EXAMPLES¶
acme-tiny --account-key ./account.key --csr ./domain.csr --acme-dir /usr/share/nginx/html/.well-known/acme-challenge/ > signed_chain.crt
EXAMPLE CRONTAB RENEWAL¶
0 0 1 * * acme_tiny --account-key /path/to/account.key --csr /path/to/domain.csr --acme-dir /usr/share/nginx/html/.well-known/acme-challenge/ > /path/to/signed_chain.crt 2>> /var/log/acme_tiny.log
SEE ALSO¶
openssl(1), https://letsencrypt.org/, https://github.com/diafygi/acme-tiny#acme-tiny.
2019-04-07 |