Acme.sh : how to set the automatic certiicates renewal (Ubuntu 18.04.02 Server Edition)?

My domain is: ggc.world

I ran these commands:

  1. Entered as root

    marco@pc: su -
    Password:
    root@pc:~#

  2. Git cloned acme.sh

    root@pc:~# git clone https://github.com/Neilpang/acme.sh.git
    Cloning into ‘acme.sh’…
    remote: Enumerating objects: 9055, done.
    remote: Total 9055 (delta 0), reused 0 (delta 0), pack-reused 9055
    Receiving objects: 100% (9055/9055), 3.52 MiB | 5.25 MiB/s, done.
    Resolving deltas: 100% (5275/5275), done.

  3. Installed socat

    root@pc:~/acme.sh# apt-get install socat
    Reading package lists… Done
    Building dependency tree
    Reading state information… Done
    The following NEW packages will be installed
    socat
    0 to upgrade, 1 to newly install, 0 to remove and 7 not to upgrade.
    Need to get 342 kB of archives.
    After this operation, 1,034 kB of additional disk space will be used.
    Get:1 http://gb.archive.ubuntu.com/ubuntu bionic/main amd64 socat amd64 1.7.3.2-2ubuntu2 [342 kB]
    Fetched 342 kB in 10s (33.5 kB/s)
    Selecting previously unselected package socat.
    (Reading database … 116435 files and directories currently installed.)
    Preparing to unpack …/socat_1.7.3.2-2ubuntu2_amd64.deb …
    Unpacking socat (1.7.3.2-2ubuntu2) …
    Setting up socat (1.7.3.2-2ubuntu2) …
    Processing triggers for man-db (2.8.3-2ubuntu0.1) …

  4. Installed acme.sh

    root@pc:~/acme.sh# ./acme.sh --install
    [Sat 10 Aug 13:18:50 CEST 2019] Installing to /root/.acme.sh
    [Sat 10 Aug 13:18:50 CEST 2019] Installed to /root/.acme.sh/acme.sh
    [Sat 10 Aug 13:18:50 CEST 2019] Installing alias to ‘/root/.bashrc’
    [Sat 10 Aug 13:18:50 CEST 2019] OK, Close and reopen your terminal to start using acme.sh
    [Sat 10 Aug 13:18:50 CEST 2019] Installing cron job
    23 0 * * * “/root/.acme.sh”/acme.sh --cron --home “/root/.acme.sh” > /dev/null
    [Sat 10 Aug 13:18:50 CEST 2019] Good, bash is found, so change the shebang to use bash as preferred.
    [Sat 10 Aug 13:18:50 CEST 2019] OK

  5. Upgraded acme.sh

    root@pc:~/acme.sh# acme.sh --upgrade --auto-upgrade
    [Sat 10 Aug 14:51:44 CEST 2019] Installing from online archive.
    [Sat 10 Aug 14:51:44 CEST 2019] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
    [Sat 10 Aug 14:51:44 CEST 2019] Extracting master.tar.gz
    [Sat 10 Aug 14:51:44 CEST 2019] Installing to /root/.acme.sh
    [Sat 10 Aug 14:51:44 CEST 2019] Installed to /root/.acme.sh/acme.sh
    [Sat 10 Aug 14:51:44 CEST 2019] Good, bash is found, so change the shebang to use bash as preferred.
    [Sat 10 Aug 14:51:45 CEST 2019] OK
    [Sat 10 Aug 14:51:45 CEST 2019] Install success!
    [Sat 10 Aug 14:51:45 CEST 2019] Upgrade success!

  6. Issued certificates:

    root@pc:~/acme.sh# ./acme.sh --issue --alpn -d ggc.world -d www.ggc.world
    [Sat 10 Aug 14:53:19 CEST 2019] Standalone alpn mode.
    [Sat 10 Aug 14:53:19 CEST 2019] Standalone alpn mode.
    [Sat 10 Aug 14:53:19 CEST 2019] Multi domain=‘DNS:ggc.world,DNS:www.ggc.world’
    [Sat 10 Aug 14:53:20 CEST 2019] Getting domain auth token for each domain
    [Sat 10 Aug 14:53:21 CEST 2019] Getting webroot for domain=‘ggc.world’
    [Sat 10 Aug 14:53:21 CEST 2019] Getting webroot for domain=‘www.ggc.world’
    [Sat 10 Aug 14:53:21 CEST 2019] Verifying: ggc.world
    [Sat 10 Aug 14:53:21 CEST 2019] Starting tls server.
    [Sat 10 Aug 14:53:24 CEST 2019] Success
    [Sat 10 Aug 14:53:24 CEST 2019] Verifying: www.ggc.world
    [Sat 10 Aug 14:53:24 CEST 2019] Starting tls server.
    [Sat 10 Aug 14:53:28 CEST 2019] Success
    [Sat 10 Aug 14:53:28 CEST 2019] Verify finished, start to sign.
    [Sat 10 Aug 14:53:28 CEST 2019] Lets finalize the order, Le_OrderFinalize: https://acme-v02.api.letsencrypt.org/acme/finalize/63161964/870159021
    [Sat 10 Aug 14:53:30 CEST 2019] Download cert, Le_LinkCert: https://acme-v02.api.letsencrypt.org/acme/cert/04b817d862f36d04ce71b7954a48d7d4f43a
    [Sat 10 Aug 14:53:30 CEST 2019] Cert success.

    -----BEGIN CERTIFICATE-----
    -----END CERTIFICATE-----

    [Sat 10 Aug 14:53:30 CEST 2019] Your cert is in /root/.acme.sh/ggc.world/ggc.world.cer
    [Sat 10 Aug 14:53:30 CEST 2019] Your cert key is in /root/.acme.sh/ggc.world/ggc.world.key
    [Sat 10 Aug 14:53:30 CEST 2019] The intermediate CA cert is in /root/.acme.sh/ggc.world/ca.cer
    [Sat 10 Aug 14:53:30 CEST 2019] And the full chain certs is there: /root/.acme.sh/ggc.world/fullchain.cer
    root@pc:~/acme.sh#

  7. Started nginx service:

    root@pc:~/acme.sh# service nginx start

  8. “Installed” the certificates

    root@pc:~/acme.sh# acme.sh --install-cert -d ggc.world \

    –key-file /etc/ssl/private/domain.key
    –fullchain-file /etc/ssl/certs/chained.pem
    –reloadcmd “service nginx force-reload”
    [Sat 10 Aug 15:02:23 CEST 2019] Installing key to:/etc/ssl/private/domain.key
    [Sat 10 Aug 15:02:23 CEST 2019] Installing full chain to:/etc/ssl/certs/chained.pem
    [Sat 10 Aug 15:02:23 CEST 2019] Run reload cmd: service nginx force-reload
    [Sat 10 Aug 15:02:23 CEST 2019] Reload success

My web server is (include version): nginx version: nginx/1.14.0 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 18.04.02 Server Edition
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

My question is: how to set the automati certiicates renewal with acme.sh ?
Looking forward to your kind help.
Marco

When you install acme.sh, it ordinarily configures a cron task that runs daily to do any required renewals. If it isn’t there, add a daily tasks to run /root/.acme.sh/acme.sh --cron.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.