2021 年群晖 acme dnspod.cn 证书更新方法

0117

step0. prepare

先想办法下载https://codeload.github.com/acmesh-official/acme.sh/zip/master 到群晖里面

群晖开启ssh 后, ssh 进入, sudo -i  change to root mode, 切换到root 家目录

解压后安装acme:

安装后就可以把安装包删除了,安装后的路径为 /root/.acme

change path to the /root/.acme

step1: issue<gen>:

DP_Id="100292"
DP_Key="71c3958ef00091bf30f6100000530"
./acme.sh  --issue  -d 668000.xyz  --dns dns_dp

will gen the file to this path /root/.acme.sh/668000.xyz

then installing to the /usr/syno/etc/certificate/_archive/OUHIkd

[Fri Feb 12 00:37:52 CST 2021] Your cert is in  /root/.acme.sh/668168.xyz/668000.xyz.cer  
[Fri Feb 12 00:37:52 CST 2021] Your cert key is in  /root/.acme.sh/668168.xyz/668000.xyz.key  
[Fri Feb 12 00:37:52 CST 2021] The intermediate CA cert is in  /root/.acme.sh/668000.xyz/ca.cer  
[Fri Feb 12 00:37:52 CST 2021] And the full chain certs is there:  /root/.acme.sh/668000.xyz/fullchain.cer  
[Fri Feb 12 00:37:53 CST 2021] Installing cert to:/usr/syno/etc/certificate/_archive/OUHIkd/cert.pem
[Fri Feb 12 00:37:53 CST 2021] Installing CA to:/usr/syno/etc/certificate/_archive/OUHIkd/chain.pem
[Fri Feb 12 00:37:54 CST 2021] Installing key to:/usr/syno/etc/certificate/_archive/OUHIkd/privkey.pem
[Fri Feb 12 00:37:54 CST 2021] Installing full chain to:/usr/syno/etc/certificate/_archive/OUHIkd/fullchain.pem

step1 just run once ,  just repeat step2, step3 every three month.

step2: renew

./acme.sh  --renew -d 668000.xyz --force

step2 full script

# filename renew.sh
export DP_Id="190000" 
DP_Id="19000" 
export DP_Key="71c30000000000000000" 
DP_Key="71c3958ef00000000000000000000000000" 
/root/.acme.sh/acme.sh --renew -d  668000.xyz --force

step3: install the cer

# filename: install.sh
export DP_Id="190000" 
DP_Id="19000" 
export DP_Key="71c3958000000000000000000000" 
DP_Key="71c3958ef00000000000000000000000" 

/root/.acme.sh/acme.sh  --installcert -d 668000.xyz --certpath /usr/syno/etc/certificate/_archive/OUHIkd/cert.pem --keypath /usr/syno/etc/certificate/_archive/OUHIkd/privkey.pem --fullchainpath /usr/syno/etc/certificate/_archive/OUHIkd/fullchain.pem --capath /usr/syno/etc/certificate/_archive/OUHIkd/chain.pem --reloadcmd 

rsync -avzh /usr/syno/etc/certificate/_archive/OUHIkd/ /usr/syno/etc/certificate/system/default/

/usr/syno/etc/rc.sysv/nginx.sh reload

#/usr/syno/etc/rc.sysv/nginx.sh force-reload

END

© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
兴趣爱好
在时间中留下我的脚印
分享
评论 抢沙发
头像
欢迎您留下宝贵的见解!
提交
头像

昵称

取消
昵称

请填写用户信息:

  • 昵称(必填)
  • 邮箱(必填)
表情
[aoman][baiyan][bishi][bizui][cahan][ciya][dabing][daku][deyi][doge][fadai][fanu][fendou][ganga][guzhang][haixiu][hanxiao][zuohengheng][zhuakuang][zhouma][zhemo][zhayanjian][zaijian][yun][youhengheng][yiwen][yinxian][xu][xieyanxiao][xiaoku][xiaojiujie][xia][wunai][wozuimei][weixiao][weiqu][tuosai][tu][touxiao][tiaopi][shui][se][saorao][qiudale][se][qinqin][qiaoda][piezui][penxue][nanguo][liulei][liuhan][lenghan][leiben][kun][kuaikule][ku][koubi][kelian][keai][jingya][jingxi][jingkong][jie][huaixiao][haqian][aini][OK][qiang][quantou][shengli][woshou][gouyin][baoquan][aixin][bangbangtang][xiaoyanger][xigua][hexie][pijiu][lanqiu][juhua][hecai][haobang][caidao][baojin][chi][dan][kulou][shuai][shouqiang][yangtuo][youling]
图片

    暂无评论内容

其他操作

标签

buy c code hynix IFTTT linux mac MTK opengrok police sensor soft tip Twitter ubuntu vps wordpress 十万个为什么 感情 笑话 语录做人 读书笔记