From 4e7d3d0319e604b8e52a60d3a54d0643d9501463 Mon Sep 17 00:00:00 2001 From: neil Date: Fri, 17 Jun 2016 10:45:59 +0800 Subject: [PATCH] fix tls doc --- README.md | 14 ++++++++++++++ acme.sh | 7 +++++++ 2 files changed, 21 insertions(+) diff --git a/README.md b/README.md index a1ebd8a2..0f9e6841 100644 --- a/README.md +++ b/README.md @@ -170,6 +170,20 @@ acme.sh --issue --standalone -d aa.com -d www.aa.com -d cp.aa.com More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert +# Use Standalone tls server to issue cert + +**(requires you be root/sudoer, or you have permission to listen tcp 443 port)** + +acme.sh supports `tls-sni-01` validation. + +The tcp `443` port **MUST** be free to listen, otherwise you will be prompted to free the `443` port and try again. + +```bash +acme.sh --issue --tls -d aa.com -d www.aa.com -d cp.aa.com +``` + +More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert + # Use Apache mode **(requires you be root/sudoer, since it is required to interact with apache server)** diff --git a/acme.sh b/acme.sh index ecd7c551..b08f8856 100755 --- a/acme.sh +++ b/acme.sh @@ -1176,6 +1176,12 @@ _clearup() { _stopserver $serverproc serverproc="" _restoreApache + if [ -z "$DEBUG" ] ; then + rm -f "$TLS_CONF" + rm -f "$TLS_CERT" + rm -f "$TLS_KEY" + rm -f "$TLS_CSR" + fi } # webroot removelevel tokenfile @@ -2359,6 +2365,7 @@ Parameters: --webroot, -w /path/to/webroot Specifies the web root folder for web root mode. --standalone Use standalone mode. + --tls Use standalone tls mode. --apache Use apache mode. --dns [dns_cf|dns_dp|dns_cx|/path/to/api/file] Use dns mode or dns api. --dnssleep [60] The time in seconds to wait for all the txt records to take effect in dns api mode. Default 60 seconds.