@tavinus
Last active December 4, 2019 01:05
Install acme.sh using Git and create certificates using Dynu DNS

Base install / run

Get root shell

$ sudo su -

Install git and socat if needed (e.g. with apt)

# apt install git socat

Create work folder (/root/src)

# mkdir /root/src

Move to work folder

# cd /root/src

Clone acme.sh

# git clone https://github.com/Neilpang/acme.sh.git

Move to acme.sh clone folder

# cd acme.sh

Install acme.sh (pass your own account e-mail address)

# ./acme.sh --install --accountemail "[email protected]"

Relocate to the installed acme.sh folder

# cd ~/.acme.sh

Edit config file (if needed)

# nano account.conf

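Add the DNS API credentials to the file

Change these to your own DNS provider info. The secret is stored in plain text in account.conf, so keep that file readable by root only.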

Dynu_ClientId='235bb9ee-b3c4-9823-g728-5b363hwes6ef5'
Dynu_Secret='DSsrgbzxcWERQWeASDsad432sdfasdFASDF'

Acme.sh test run (recommended)

Change the DNS provider name if needed

./acme.sh --test --debug --debug --issue --dns dns_dynu -d sub.domain.tld

Acme.sh issue run (force over test cert)

./acme.sh --debug --debug --issue --dns dns_dynu -d sub.domain.tld --force

Define local certs location

mkdir -p /etc/ssl/localcerts

Use acme.sh to install the certificate and set the reload command for Apache/Nginx/etc.

./acme.sh --debug --installcert -d sub.domain.tld --certpath /etc/ssl/localcerts/sub.domain.tld.pem --keypath /etc/ssl/localcerts/sub.domain.tld.key --fullchainpath /etc/ssl/localcerts/sub.domain.tld-fullchain.cer --reloadcmd "systemctl reload nginx.service"

Aftermath

If everything went fine, the certificates will be renewed and reinstalled automatically by the cron job.

Now you just need to configure Apache/Nginx/etc. to use the certificates installed in the local folder defined above (e.g. /etc/ssl/localcerts).
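
A post-install check for the steps above, as an added example that is not part of the original gist: it confirms that account.conf (which holds Dynu_Secret) and the installed private key are owner-only, and that the installed certificate and key belong together. The function names are hypothetical, the default paths are the ones used in this guide, and GNU stat and the openssl CLI are assumed.

```sh
#!/bin/sh
# Added example: post-install checks for the setup described in this guide.
# Function names are hypothetical; default paths are the ones the guide uses.

# Succeeds only if the file exists and grants nothing to group or others.
is_private() {
    _mode=$(stat -c '%a' -- "$1" 2>/dev/null) || return 2
    [ $(( 0$_mode & 077 )) -eq 0 ]
}

# Succeeds only if certificate ($1) and private key ($2) share one public key.
cert_matches_key() {
    _c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    _k=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    [ -n "$_c" ] && [ "$_c" = "$_k" ]
}

# audit_acme_install DOMAIN [CERT_DIR] [ACCOUNT_CONF]; returns 1 on any finding.
audit_acme_install() {
    _dom=$1
    _dir=${2:-/etc/ssl/localcerts}
    _conf=${3:-$HOME/.acme.sh/account.conf}
    _rc=0
    is_private "$_conf" ||
        { echo "FAIL: $_conf (holds Dynu_Secret) is missing or not owner-only"; _rc=1; }
    is_private "$_dir/$_dom.key" ||
        { echo "FAIL: $_dir/$_dom.key is missing or not owner-only"; _rc=1; }
    cert_matches_key "$_dir/$_dom.pem" "$_dir/$_dom.key" ||
        { echo "FAIL: $_dom.pem and $_dom.key do not match"; _rc=1; }
    return "$_rc"
}

# Run as root, e.g.: sh audit.sh sub.domain.tld
if [ "$#" -ge 1 ]; then
    audit_acme_install "$@"
fi
```

A finding on either file mode is fixed with chmod 600 on that file; a cert/key mismatch usually means the --installcert step should be run again.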
