|19|[![](https://cdn.rawgit.com/Neilpang/acmetest/master/status/gentoo-stage3-amd64.svg)](https://github.com/Neilpang/letest#here-are-the-latest-status)|Gentoo Linux
|19|[![](https://cdn.rawgit.com/Neilpang/acmetest/master/status/gentoo-stage3-amd64.svg)](https://github.com/Neilpang/letest#here-are-the-latest-status)|Gentoo Linux
For all build statuses, check our [daily build project](https://github.com/Neilpang/acmetest):
For all build statuses, check our [daily build project](https://github.com/Neilpang/acmetest):
https://github.com/Neilpang/acmetest
https://github.com/Neilpang/acmetest
# Supported Mode
1. Webroot mode
# Supported modes
2. Standalone mode
3. Apache mode
4. Dns mode
- Webroot mode
- Standalone mode
- Apache mode
- DNS mode
# 1. How to install
# 1. How to install
### 1. Install online:
### 1. Install online
Check this project: https://github.com/Neilpang/get.acme.sh
Check this project: https://github.com/Neilpang/get.acme.sh
```bash
```bash
curl https://get.acme.sh | sh
curl https://get.acme.sh | sh
```
```
Or:
Or:
```bash
```bash
wget -O - https://get.acme.sh | sh
wget -O - https://get.acme.sh | sh
```
```
### 2. Or, Install from git:
### 2. Or, Install from git
Clone this project:
Clone this project and launch installation:
```bash
```bash
git clone https://github.com/Neilpang/acme.sh.git
git clone https://github.com/Neilpang/acme.sh.git
@ -82,14 +82,14 @@ cd ./acme.sh
You `don't have to be root` then, although `it is recommended`.
You `don't have to be root` then, although `it is recommended`.
The parameter `/home/wwwroot/example.com` is the web root folder. You **MUST** have `write access` to this folder.
The parameter `/home/wwwroot/example.com` is the web root folder. You **MUST** have `write access` to this folder.
Second argument **"example.com"** is the main domain you want to issue cert for.
Second argument **"example.com"** is the main domain you want to issue the cert for.
You must have at least a domain there.
You must have at least one domain there.
You must point and bind all the domains to the same webroot dir: `/home/wwwroot/example.com`.
You must point and bind all the domains to the same webroot dir: `/home/wwwroot/example.com`.
Generate/issued certs will be placed in `~/.acme.sh/example.com/`
Generated/issued certs will be placed in `~/.acme.sh/example.com/`
The issued cert will be renewed every **60** days automatically.
The issued cert will be renewed automatically every **60** days.
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
# 3. Install the issued cert to apache/nginx etc.
# 3. Install the issued cert to Apache/Nginx etc.
After you issue a cert, you probably want to install/copy the cert to your nginx/apache or other servers.
After you issue a cert, you probably want to install/copy the cert to your Apache/Nginx or other servers.
You **MUST** use this command to copy the certs to the target files, **Do NOT** use the certs files in **.acme.sh/** folder, they are for internal use only, the folder structure may change in future.
You **MUST** use this command to copy the certs to the target files, **DO NOT** use the certs files in **~/.acme.sh/** folder, they are for internal use only, the folder structure may change in the future.
Only the domain is required, all the other parameters are optional.
Only the domain is required, all the other parameters are optional.
Install/copy the issued cert/key to the production apache or nginx path.
Install/copy the issued cert/key to the production Apache or Nginx path.
The cert will be `renewed every **60** days by default` (which is configurable). Once the cert is renewed, the Apache/Nginx service will be restarted automatically by the command: `service apache2 restart` or `service nginx restart`.
The cert will be `renewed every **60** days by default` (which is configurable). Once the cert is renewed, the apache/nginx will be automatically reloaded by the command: `service apache2 reload` or `service nginx reload`.
# 4. Use Standalone server to issue cert
# 4. Use Standalone server to issue cert
**(requires you be root/sudoer, or you have permission to listen tcp 80 port)**
**(requires you to be root/sudoer or have permission to listen on port 80 (TCP))**
The tcp `80` port **MUST** be free to listen, otherwise you will be prompted to free the `80` port and try again.
Port `80` (TCP) **MUST** be free to listen on, otherwise you will be prompted to free it and try again.
If your DNS provider is not on the supported list above, you can write your own DNS API script easily. If you do, please consider submitting a [Pull Request](https://github.com/Neilpang/acme.sh/pulls) and contribute it to the project.
If your DNS provider is not on the supported list above, you can write your own script API easily. If you do please consider submitting a [Pull Request](https://github.com/Neilpang/acme.sh/pulls) and contribute to the project.
For more details: [How to use DNS API](dnsapi)
For more details: [How to use dns api](dnsapi)
# 9. Issue ECC certificate:
# 9. Issue ECC certificates
`Let's Encrypt`now can issue **ECDSA** certificates.
`Let's Encrypt` can now issue **ECDSA** certificates.
And we also support it.
And we support them too!
Just set the `length` parameter with a prefix `ec-`.
Just set the `length` parameter with a prefix `ec-`.