ZeroSSL

From Indie IT Wiki
Revision as of 15:49, 22 November 2021 by Plittlefield (talk | contribs) (Created page with "ZeroSSL is a Certificate Authority similar to Let's Encrypt. However, in recent months - there have been a raft of issues and problems when the Let's Encrypt Root Certificate...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

ZeroSSL is a Certificate Authority similar to Let's Encrypt.

However, in recent months - there have been a raft of issues and problems when the Let's Encrypt Root Certificates expired - leaving people stranded and old devices unable to connect.

This solves that problem.

How to create free SSL Certificates using the Linux acme.sh script and the Certificate Authority (CA) of ZeroSSL.

https://github.com/acmesh-official/acme.sh

Installation

git clone https://github.com/acmesh-official/acme.sh.git
cd ./acme.sh
./acme.sh --install -m my@example.com

Scripts

Script to issue and renew a cert using Gandi LiveDNS (which means you don't have to open modem ports and stop services :)

#!/bin/bash

# cd /root/.acme.sh
# ./acme.sh --help

# cd /root/.acme.sh
# ./acme.sh --issue --domain my.domain.com --dns dns_gandi_livedns
# ./acme.sh --list
# ./acme.sh --to-pkcs12 --domain my.domain.com
# cp -av my.domain.com/my.domain.com.pfx /opt/emby-server/my.domain.com.pfx
# service emby-server restart

# cd /root/.acme.sh
# ./acme.sh --renew --domain my.domain.com
# ./acme.sh --to-pkcs12 --domain my.domain.com
# cp -av my.domain.com/my.domain.com.pfx /opt/emby-server/my.domain.com.pfx
# service emby-server restart

cd /root/.acme.sh && \
./acme.sh --renew --domain my.domain.com && \
./acme.sh --to-pkcs12 --domain my.domain.com && \
cp -av my.domain.com/my.domain.com.pfx /opt/emby-server/my.domain.com.pfx && \
service emby-server restart && \

exit;