Automate issuance and renewal with ACME

Touchless certificate lifecycle with acme.sh.

Automate issuance and renewal with ACME

IDigiTrust natively supports ACME. With acme.sh or Certbot you can fully automate request, deploy and renewal.

Install acme.sh

curl https://get.acme.sh | sh

Issue (DNS mode)

acme.sh --issue --dns dns_cf -d example.com -d *.example.com

Install into Nginx

acme.sh --install-cert -d example.com \
  --key-file /etc/nginx/ssl/example.key \
  --fullchain-file /etc/nginx/ssl/example.crt \
  --reloadcmd nginx -s reload

A cron job renews automatically before expiry.

← Docs