News! le.sh v2.0 is out

Hi guys,
le.sh v2.0 is out.
https://github.com/Neilpang/le

There are a lot of improvements:

1. Unix-like command line api

le.sh  --help

2. 100% compatible with le.sh 1.x command api.

If you are already using le.sh 1.x, don’t worry. you can just uninstall and re-install the new version.

And you can also use 2.x as the 1.x

le.sh  issue /www/aa.com  aa.com

2.x is 100% compatible.

###3. Support different webroot for each domain in the same cert.

le.sh  --issue  \
-d a.com  -w /wwwroot/a.com  \
-d b.com -w /wwwroot/b.com

###4. Support different authentication methods for each domain in the same cert. Hybrid usage:

le.sh  --issue  \
-d  a.com   -w /wwwroot/a.com  \
-d  b.com   --dns  dns-cf \\
-d  c.com   --apache

###5. Two different debug levels to provide useful debug info. --debug or --debug 2

le.sh  --issue .......   --debug

le.sh  --issue .......   --debug 2

###6. Support to install fullchain.cer after renewal.
###7. Better performance.
###8. A lot of bug fixes.

More example see the wiki: https://github.com/Neilpang/le/wiki/How-to-issue-a-cert

6 Likes

nice that hybrid authentication looks interesting :thumbsup:

Hi @eva2000,

le.sh was just renamed to acme.sh, all the configurations and macros are 100% compatible.

just the name is changed.

Please update your code. Thanks.

1 Like

wow things are happening fast…

thanks for the heads up !

Yes,
Sorry about the inconvenience.

Please use the new api instead, and it’s not suggested to define and use Macros anymore, maybe the Macros will be named in future.

please use the new command line parameters, all the public parameters are stable.

@eva2000

Just AT EVA2000

you mean acme.sh as opposed to /root/.acme.sh/acme.sh ?

No,

Just use /root/.acme.sh/acme.sh is ok.

I don’t mean the bash alias, but I meant the command macros, such as “DEBUG=1” , “LE_WORKING_DIR” etc, as example.

Use the new command parameters instead: --debug or --home instead.

1 Like

Forget to AT @eva2000

thanks for the clarification do you have a link to the info and outline for these changes ?

Here is the wiki page: https://github.com/Neilpang/acme.sh/wiki
You can find the usage here.

1 Like

@eva2000 forgot to AT eva2000

thanks @Neilpang :+1:

@Neilpang
Is there a way to append SANs to an existing certificate using acme.sh or do you have to run it again using all domains every time?

something like acme.sh --append example.com -w /var/www/something -d new1.example.com -d new2.example.com
which would add new1 and new2 subdomains to the example.com certificate

There is no append operation in the acme protocol.

However, with acme.sh, each time you use --issue command, it will use a new CSR, including all the new domains.

So, you can use like:

acme.sh  --issue  -w /var/www/aa.com     -d aa.com   -d new1.aa.com  -d new2.aa.com

All the three domains will be re-verified by acme protocol, then a new cert including the 3 domains will be created.

1 Like

@Rathian Oh, just at.

Okay I see.
This might get confusing having a lot of subdomains, so I’ll probably end up just editing the config file and run a force renew.

@Rathian
Yes, I prefer to use --issue instead of editing the config file and renew.

@Neilpang thanks for your awesome work on acme.sh client. I’ve now decided to do a total rewrite of my letsencrypt integration into my LEMP stack using acme.sh instead https://community.centminmod.com/posts/31505/ :slight_smile:

That is great! Thanks!!