-
-
Notifications
You must be signed in to change notification settings - Fork 47
Example commands for acme clients
grindsa edited this page Jun 27, 2025
·
4 revisions
acme.sh --server http://<server address> --register-account --accountemail <email address> --debug 2 --output-insecureacme.sh --server http://<server address> --deactivate-account --debug 2 --output-insecureacme.sh --server http://<server address> --issue -d acme-1.example.com -d acme-2.example.com --standalone --debug 2 --output-insecure --forceacme.sh --server http://<server address> --revoke -d acme-1.example.com -d acme-2.example.com --debug 2 --output-insecurecertbot register --agree-tos -m <email address> --server http://<server address> --no-eff-emailrm -rf /etc/letsencrypt/accounts/*certbot certonly --server http://<server address> --standalone --preferred-challenges http -d certbot-1.example.com -d certbot-2.example.com --cert-name certbot-testcertbot revoke --server http://<server address> --cert-name certbot-testIMPORTANT: by default a CSR generated by certbot does not contain any subject name. Such CSR will be refused by enterprise CA servers. For mitigation you need to create a CA policy setting a subject name. Example CA policy for Insta Certifier
lego -s http://<server address> -a --email <email address> -d lego-1.bar.local -d lego-2.bar.local --http runlego -s http://<server address> -a --email <email address> -d lego-1.bar.local revokeacmeshell -directory http://<server address> -postAsGet=true> newAccount [email protected],> newOrder -identifiers=foo.bar> getOrder -order 0> getAuthz -order=0 -identifier=foo.bar> getChall -order=0 -identifier=foo.bar -type=http-01> solve -order=0 -identifier=foo.bar -challengeType=http-01> poll -order=0> finalize -order=0> poll -order=0 -status=valid> getCert -order=0