github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

Add a section for deploying to Zyxel GS1900 series switches for PR #5043

master
Joe Bauser 2025-05-24 18:24:33 -04:00
parent 2100a8ddca
commit 71464ecfcf
1 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
deployhooks.md

@ -1121,8 +1121,42 @@ If you have multiple APs then ensure the management interface doesn't migrate to
Although these notes only mention Unleashed, the deploy hook also supports Ruckus ZoneDirector. Although these notes only mention Unleashed, the deploy hook also supports Ruckus ZoneDirector.
## 36. Deploying to Zyxel GS1900 Series Switches
## 36. Deploying to multiple services with the same hooks This script uses the https web administration interface in order
to upload updated certificates to Zyxel GS1900 series switches.
Only the GS1900-8 and GS1900-24E have been tested but untested
switches from the same model line are expected to work as well.
**Tested Working Switches**
| **Switch Model** | **Minimum Firmware Version** |
|------------------|------------------------------|
| GS1900-8 | V2.80 |
| GS1900-24E | V2.80 |
**Known Issues:**
1. This is a consumer grade switch and is a bit underpowered. RSA 4096 certs may work but you may experience performance problems.
2. Firmware V2.80(Axxx.1)C0 will only accept RSA certificates.
3. Firmware V2.90(Axxx.0)C0 adds support for EC-256 but drops support for RSA-4096.
4. Firmware V2.90(Axxx.1)C0 supports up to RSA-4096 and EC-256 certs.
**Prerequisite Setup Steps:**
1. Install the latest firmware (V2.80 or later) on your switch.
2. Check the known issues above for any certificate compatibility notes for your firmware version.
3. Enable HTTPS web management on your switch.
Usage:
```sh
export DEPLOY_ZYXEL_SWITCH # The switch hostname. (Default: the certificate domain)
export DEPLOY_ZYXEL_SWITCH_USER # The webadmin user. (Default: admin)
export DEPLOY_ZYXEL_SWITCH_PASSWORD # The webadmin password for the switch.
export DEPLOY_ZYXEL_SWITCH_REBOOT # If "1" reboot the switch after a certificate update. (Default: "0")
acme.sh --deploy -d example.com --deploy-hook zyxel_gs1900 # specify --insecure if the switch currently has a self-signed certificate
```
## 37. Deploying to multiple services with the same hooks
Multideploy allows you to deploy your certificates to multiple services, even those that use the same hook. To use this hook, issue a cert and create a new file, `multideploy.yml,` in the certificate directory. This must contain a version and the services to which your certificate will be deployed. All services specified will be used to deploy your certificate! Multideploy allows you to deploy your certificates to multiple services, even those that use the same hook. To use this hook, issue a cert and create a new file, `multideploy.yml,` in the certificate directory. This must contain a version and the services to which your certificate will be deployed. All services specified will be used to deploy your certificate!
### Compatibility ### Compatibility