ZeroSSL

From Indie IT Wiki
Revision as of 10:53, 9 December 2021 by Plittlefield (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

ZeroSSL is a Certificate Authority similar to Let's Encrypt.

However, in recent months - there have been a raft of issues and problems when the Let's Encrypt Root Certificates expired - leaving people stranded and old devices unable to connect.

This solves that problem.

How to create free SSL Certificates using the Linux acme.sh script and the Certificate Authority (CA) of ZeroSSL.

https://github.com/acmesh-official/acme.sh

https://github.com/acmesh-official/acme.sh/wiki/Change-default-CA-to-ZeroSSL

https://github.com/acmesh-official/acme.sh/wiki/Server

Installation

git clone https://github.com/acmesh-official/acme.sh.git
cd ./acme.sh
./acme.sh --install -m my@example.com --server zerossl

https://github.com/acmesh-official/acme.sh/wiki/Server

Scripts

Script to issue and renew a cert using Gandi LiveDNS verification for an Emby Media Server ...

#!/bin/bash

# cd /root/.acme.sh
# ./acme.sh --help

# cd /root/.acme.sh
# ./acme.sh --issue --domain my.domain.com --dns dns_gandi_livedns --server zerossl
# ./acme.sh --list
# ./acme.sh --to-pkcs12 --domain my.domain.com
# cp -av my.domain.com/my.domain.com.pfx /opt/emby-server/my.domain.com.pfx
# service emby-server restart

# cd /root/.acme.sh
# ./acme.sh --renew --domain my.domain.com
# ./acme.sh --to-pkcs12 --domain my.domain.com
# cp -av my.domain.com/my.domain.com.pfx /opt/emby-server/my.domain.com.pfx
# service emby-server restart

cd /root/.acme.sh && \
./acme.sh --renew --domain my.domain.com && \
./acme.sh --to-pkcs12 --domain my.domain.com && \
cp -av my.domain.com/my.domain.com.pfx /opt/emby-server/my.domain.com.pfx && \
service emby-server restart && \

exit;