github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

Updated Synology RT1900ac install guide (markdown)

master
Fernando Miguel 2017-04-28 14:44:31 +01:00
parent df7660b476
commit ae75975cc0
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Synology-RT1900ac-install-guide.md

@ -1,22 +1,31 @@
I got tired of manually maintaining Let's Encrypt on my laptop to update my Router. I got tired of manually maintaining Let's Encrypt on my laptop to update my Router.
so I now pushed that to the router itself. so I now pushed that to the router itself.
here's the HowTo (xpost https://forum.synology.com/enu/viewtopic.php?f=265&t=123003 ). here's the HowTo (xpost https://forum.synology.com/enu/viewtopic.php?f=265&t=123003 ).
I've used https://github.com/Neilpang/acme.sh , a 3rd party client for Let's Encrypt, based on Perl. no extra dependencies.
I've used https://github.com/Neilpang/acme.sh , a 3rd party client for Let's Encrypt, based on shell scripting. no extra dependencies.
I've also used it with DNS01 protocol, which means, I don't have any ports open on the router to do the validation, instead it use Cloudflare API, where I host my domain. I've also used it with DNS01 protocol, which means, I don't have any ports open on the router to do the validation, instead it use Cloudflare API, where I host my domain.
Since the Router shell is very limited, there are several constraints. the most important of all, there is no crontab. Since the Router shell is very limited, there are several constraints. the most important of all, there is no crontab.
trying the default install trying the default install
```
$ wget -O - https://get.acme.sh | sh $ wget -O - https://get.acme.sh | sh
```
, will fail because of crontab. , will fail because of crontab.
so we have to do it manually so we have to do it manually
```
$ wget https://github.com/Neilpang/acme.sh/archive/master.tar.gz $ wget https://github.com/Neilpang/acme.sh/archive/master.tar.gz
$ tar xvf master.tar.gz $ tar xvf master.tar.gz
$ cd acme.sh-master/ $ cd acme.sh-master/
$ ./acme.sh --install --nocron --home /volume1/@appstore/acme.sh $ ./acme.sh --install --nocron --home /volume1/@appstore/acme.sh
log out and login to ssh again log out and login to ssh again
```
so install is done :) so install is done :)
@ -28,14 +37,18 @@ export CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
export CF_Email="xxxx@sss.com" export CF_Email="xxxx@sss.com"
now to create your cert now to create your cert
```
$ ./acme.sh --issue --post-hook "/usr/syno/sbin/synoservicecfg --restart httpd-sys" --dns dns_cf --certpath /usr/syno/etc/ssl/ssl.crt/server.crt --keypath /usr/syno/etc/ssl/ssl.key/server.key --fullchainpath /usr/syno/etc/ssl/ssl.intercrt/server-ca.crt --config-home /volume1/@appstore/acme.sh/ --dnssleep 15 -d YOURDOMAIN.TLD $ ./acme.sh --issue --post-hook "/usr/syno/sbin/synoservicecfg --restart httpd-sys" --dns dns_cf --certpath /usr/syno/etc/ssl/ssl.crt/server.crt --keypath /usr/syno/etc/ssl/ssl.key/server.key --fullchainpath /usr/syno/etc/ssl/ssl.intercrt/server-ca.crt --config-home /volume1/@appstore/acme.sh/ --dnssleep 15 -d YOURDOMAIN.TLD
```
simple right? simple right?
since there is no crontab, we need to manually add it to cron. since there is no crontab, we need to manually add it to cron.
```
$ vi /etc/crontab $ vi /etc/crontab
and add something like and add something like
3 2 * * 2 root /root/.acme.sh/acme.sh --cron 3 2 * * 2 root /root/.acme.sh/acme.sh --cron
:wq :wq
```
HTH HTH