Skip to content

Latest commit

 

History

History
175 lines (113 loc) · 4.85 KB

README.md

File metadata and controls

175 lines (113 loc) · 4.85 KB

AutoSSL

Help you secure your applications with free SSL certificates. This tool is designed for simple and straightforward usage, for more complex and wider supported of OS, please use https://acme.sh/

Cirle CI Tested Ubuntu version Tested Ubuntu version Tested Centos version

😇 A ⭐ from you will make my day full of happiness 😇

Table of contents

  1. Installation
  2. Usage
  3. Cloud integration
  4. Automate renewal
  5. Local servers integration
  6. Contribution
  7. License

Installation

Using the installer

curl -s -L  https://raw.githubusercontent.com/tekuasia/autossl/master/bin/installer.sh | sudo bash

Usage

All commands can be listed using autossl help:

Screenshot

To generate free SSL certificate for a domain

autossl [email protected] example.com

To generate free SSL certificate for wildcard domains

autossl [email protected] example.com *.example.com *.tld.example.com

To automatically renew all certificates

autossl renew

Cloud integration

AWS ACM

We need to prepare an AWS user with these permissions:

  • acm:ImportCertificates
  • acm:DescribeCertificate
  • acm:ListCertificates

To synchronize your certificates to AWS ACM

autossl sync acm

AWS IAM

We need to prepare an AWS user with these permissions:

  • iam:UploadServerCertificate

To synchronize your certificates to AWS IAM

autossl sync iam

Please note: Your certificates will be saved into IAM as <domain-names>-YYYY-MM. For example, you synchronize certificate for example.com in June 2019, it will be named as example-com-2019-06

Google Cloud

We need to enable cloud compute engine at https://console.developers.google.com/apis/api/compute.googleapis.com

To synchronize your certificates to Google Cloud

autossl sync gcloud

Please note: Your certificates will be saved into Gcloud as <domain-names>-YYYY-MM. For example, you synchronize certificate for example.com in June 2019, it will be named as example-com-2019-06

Automate renewal

Renewal without cloud

We suggest you to setup cronjob for automatically check expiration of certifcates everyday (There could be other approaches)

crontab –e

Then add this line to make renewal automated everyday at 3:00

00 03 * * * autossl renew

Renewal with cloud

We suggest you to setup cronjob for automatically check expiration of certifcates everyday (There could be other approaches)

[Optional] Init AWS for the first time if you are using AWS to manage SSL

autossl init-aws

[Optional] Init Google Cloud for the first time if you are using Google Cloud to manage SSL

autossl init-gcloud

Open crontab editor

crontab –e

Then add this line to make renewal automated and renewed certificates synced to cloud provider automatically everyday at 3:00

00 03 * * * autossl sync <provider> "$(autossl renew -d)"

Local servers integration

Here are some helpful references for local servers integration instruction:

For nginx: https://gist.github.com/nrollr/9a39bb636a820fb97eec2ed85e473d38

For Apache: https://techmonger.github.io/50/certbot-apache-configuration/

Contribution

Everyone deserves free SSL certificates and free security. This tool was born for that purpose: Make it easier for people to get free SSL certificates. I really need your help to make this tool better.

If you want to help me, please fork this repository, make your changes and give me a pull request.

Thank you :)

License

These code are licensed under MIT License. You are free to use any parts of it.

KEEP CALM AND CODE ON 🍻