安装方式

curl https://get.acme.sh | sh -s [email protected]
需要安装 socat
yum install -y socat 
source ~/.bashrc

其他可以参考方式 acme

以下 以腾讯云为例

腾讯云
export DP_Id="xxx"
export DP_Key="xxxx"

设置
acme.sh --set-default-ca  --server letsencrypt

支持泛域名
acme.sh --issue --dns dns_dp -d *.xxx.com -d xxxx.com

cd /etc/nginx
mkdir ssl
安装
acme.sh --install-cert -d *.xxx.com \
--key-file /etc/nginx/ssl/xxxx.com.key.pem \
--fullchain-file /etc/nginx/ssl/xxxx.com.pem 

一个基础的nginx配置

upstream xrc {
    server 127.0.0.1:8090;
}

server {
    listen 80;
    listen [::]:80;
    server_name xxx.xxx.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443;
    listen [::]:443;
    ssl on;
    ssl_certificate /etc/nginx/ssl/xxx.com.pem;
    ssl_certificate_key /etc/nginx/ssl/xxx.com.key.pem;
    server_name  xrc.mygirlcs.cn;
    root         /usr/share/nginx/html;
    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Client-Proto $scheme;
        proxy_set_header X-Client-Proto-Ver $server_protocol;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        set $userrealip $remote_addr;
        proxy_set_header X-Forwarded-For-Pound $userrealip;
        proxy_pass http://xrc;         
    }
}

查看定时任务

crontab -l

增加企业微信提醒

export WEIXIN_WORK_WEBHOOK='xxx'
export WEIXIN_WORK_KEYWORD=acme

acme.sh --set-notify --notify-hook weixin_work

强制更新

acme.sh --renew --domain *.xxx.com --force