nihilist/acme.sh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add '--httpport' for servers that is behind a reverse proxy or load balancer

Browse Source
This commit is contained in:
neil 2016-05-29 14:08:39 +08:00
parent eae290992f
commit 39c8f79f3e
2 changed files with 10 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
README.md
View File

@ -105,58 +105,8 @@ Ok, you are ready to issue cert now.
Show help message: Show help message:
``` ```
root@v1:~# acme.sh
https://github.com/Neilpang/acme.sh
v2.1.1
Usage: acme.sh command ...[parameters]....
Commands:
--help, -h Show this help message.
--version, -v Show version info.
--install Install acme.sh to your system.
--uninstall Uninstall acme.sh, and uninstall the cron job.
--issue Issue a cert.
--installcert Install the issued cert to apache/nginx or any other server.
--renew, -r Renew a cert.
--renewAll Renew all the certs
--revoke Revoke a cert.
--installcronjob Install the cron job to renew certs, you don't need to call this. The 'install' command can automatically install the cron job.
--uninstallcronjob Uninstall the cron job. The 'uninstall' command can do this automatically.
--cron Run cron job to renew all the certs.
--toPkcs Export the certificate and key to a pfx file.
--createAccountKey, -cak Create an account private key, professional use.
--createDomainKey, -cdk Create an domain private key, professional use.
--createCSR, -ccsr Create CSR , professional use.
Parameters: root@v1:~# acme.sh -h
--domain, -d domain.tld Specifies a domain, used to issue, renew or revoke etc.
--force, -f Used to force to install or force to renew a cert immediately.
--staging, --test Use staging server, just for test.
--debug Output debug info.
--webroot, -w /path/to/webroot Specifies the web root folder for web root mode.
--standalone Use standalone mode.
--apache Use apache mode.
--dns [dns-cf|dns-dp|dns-cx|/path/to/api/file] Use dns mode or dns api.
--keylength, -k [2048] Specifies the domain key length: 2048, 3072, 4096, 8192 or ec-256, ec-384.
--accountkeylength, -ak [2048] Specifies the account key length.
These parameters are to install the cert to nginx/apache or anyother server after issue/renew a cert:
--certpath /path/to/real/cert/file After issue/renew, the cert will be copied to this path.
--keypath /path/to/real/key/file After issue/renew, the key will be copied to this path.
--capath /path/to/real/ca/file After issue/renew, the intermediate cert will be copied to this path.
--fullchainpath /path/to/fullchain/file After issue/renew, the fullchain cert will be copied to this path.
--reloadcmd "service nginx reload" After issue/renew, it's used to reload the server.
--accountconf Specifies a customized account config file.
--home Specifies the home dir for acme.sh .
--certhome Specifies the home dir to save all the certs, only valid for '--install' command.
--useragent Specifies the user agent string. it will be saved for future use too.
--accountemail Specifies the account email for registering, Only valid for the '--install' command.
--accountkey Specifies the account key path, Only valid for the '--install' command.
--days Specifies the days to renew the cert when using '--issue' command. The max value is 80 days.
``` ```

11
acme.sh
View File

@ -775,6 +775,7 @@ _startserver() {
fi fi
_debug "_NC" "$_NC" _debug "_NC" "$_NC"
_debug Le_HTTPPort "$Le_HTTPPort"
# while true ; do # while true ; do
if [ "$DEBUG" ] ; then if [ "$DEBUG" ] ; then
if ! printf "HTTP/1.1 200 OK\r\n\r\n$content" | $_NC -p $Le_HTTPPort ; then if ! printf "HTTP/1.1 200 OK\r\n\r\n$content" | $_NC -p $Le_HTTPPort ; then
@ -2124,12 +2125,12 @@ Parameters:
--accountconf Specifies a customized account config file. --accountconf Specifies a customized account config file.
--home Specifies the home dir for $PROJECT_NAME . --home Specifies the home dir for $PROJECT_NAME .
--certhome Specifies the home dir to save all the certs. --certhome Specifies the home dir to save all the certs, only valid for '--install' command.
--useragent Specifies the user agent string. it will be saved for future use too. --useragent Specifies the user agent string. it will be saved for future use too.
--accountemail Specifies the account email for registering, Only valid for the '--install' command. --accountemail Specifies the account email for registering, Only valid for the '--install' command.
--accountkey Specifies the account key path, Only valid for the '--install' command. --accountkey Specifies the account key path, Only valid for the '--install' command.
--days Specifies the days to renew the cert when using '--issue' command. The max value is 80 days. --days Specifies the days to renew the cert when using '--issue' command. The max value is 80 days.
--httpport Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer.
" "
} }
@ -2178,6 +2179,7 @@ _process() {
_accountemail="" _accountemail=""
_accountkey="" _accountkey=""
_certhome="" _certhome=""
_httpport=""
while [ ${#} -gt 0 ] ; do while [ ${#} -gt 0 ] ; do
case "${1}" in case "${1}" in
@ -2372,6 +2374,11 @@ _process() {
Le_RenewalDays="$_days" Le_RenewalDays="$_days"
shift shift
;; ;;
--httpport )
_httpport="$2"
Le_HTTPPort="$_httpport"
shift
;;
*) *)
_err "Unknown parameter : $1" _err "Unknown parameter : $1"
return 1 return 1