cf 托管的域名 ssl 一键申请
#!/bin/bash -i
#getssl.sh
DOMAIN=
ALL_DOMAIN=
CFKEY=
CFEMAIL=
INSTALL_CERT_PATH=
# 查看alias扩展是否启用
shopt expand_aliases
# 启用alias扩展
shopt -s expand_aliases
alias EXECUTE_ROOT="~/.acme.sh"
alias acme.sh="~/.acme.sh/acme.sh"
showhelp() {
echo "Usage:
./getssl.sh [example.com] [[email protected]] [8e53269881db6a7bb78389a5606801c1d287a798] [/etc/nginx/myssl]
"
}
install_acmesh() {
curl https://get.acme.sh | sh
}
reg_acmesh() {
acme.sh --register-account -m $CFEMAIL
export CF_Key="$CFKEY"
export CF_Email="$CFEMAIL"
}
update_ssl() {
echo "new ssl cert for the domain:"
echo ${DOMAIN}
echo ${ALL_DOMAIN}
acme.sh --issue --dns dns_cf -d "${DOMAIN}" -d "${ALL_DOMAIN}"
}
install_cert() {
mkdir -p ${INSTALL_CERT_PATH}
cd ${EXECUTE_ROOT}/${DOMAIN}/
cp ./${DOMAIN}.cer ${INSTALL_CERT_PATH}
cp ./${DOMAIN}.key ${INSTALL_CERT_PATH}
cp ./fullchain.cer ${INSTALL_CERT_PATH}
echo "install cer files done: ${INSTALL_CERT_PATH}${DOMAIN}.cer"
}
process_args() {
DOMAIN=$1
ALL_DOMAIN="*.${DOMAIN}"
CFKEY=$3
CFEMAIL=$2
INSTALL_CERT_PATH=$4/${DOMAIN}/
echo "
DOMAIN=${DOMAIN}
ALL_DOMAIN='*.${DOMAIN}'
CFKEY=${CFKEY}
CFEMAIL=${CFEMAIL}
INSTALL_CERT_PATH=${INSTALL_CERT_PATH}
"
}
start() {
cd ~
install_acmesh
reg_acmesh
update_ssl
install_cert
}
main() {
if [ $# != 4 ]; then
showhelp && return
fi
process_args $@
start
}
main $@
使用在线版
curl -s https://ipm.sh/getssl.sh | bash -s abc.com [email protected] 8e53269881db6a7bb78389a5606801c1d287a798 /etc/nginx/myssl