Where communities thrive

Join over 1.5M+ people
Join over 100K+ communities
Free without limits
Create your own community

Explore more communities

acme.sh/Lobby

People

Repo info

Activity

Nick Janetakis

@nickjanetakis_twitter

so i did what your readme said and set the sleep to 900

but when the record was saved, it used a 7200 TTL

however with DO's API , i set the sleep to 120 and it set the TTL to 120

i wonder why namesilo set such a high TTL

Georg

@teadur

TTL is always tradeoff of load against your nameserver vs how fast clients requery

so having higher ttl means less load to your nameservers

in some enormouse scale it could make a whole lot of difference

Nick Janetakis

@nickjanetakis_twitter

yeah but i mean acme.sh set a 120 TTL when using digitalocean's API

for the TXT challenge

but for namesilo it set a 7200 TTL with a 900 sleep

Georg

@teadur

were the SOA entries for zones identical ?

Nick Janetakis

@nickjanetakis_twitter

looking at the source code, you hardcode a TTL 120 for digitalocean

but for namesilo you don't set a TTL when making the api call

Georg

@teadur

i didnot write acme.sh :)

Nick Janetakis

@nickjanetakis_twitter

oh oops haha

Georg

@teadur

im just a user like you

Nick Janetakis

@nickjanetakis_twitter

thanks for the help btw

Georg

@teadur

Nick Janetakis

@nickjanetakis_twitter

it does seem to be a case where the namesilo api never sets rrttl (the field used by namesilo's api for setting the ttl)

in acme.sh's codebase i mean

aaronstuder

@aaronstuder

Hello

Is there a way to use acme.sh fully automated within a script?

Matt Deering

@mattgphoto

Hey guys, having a heck of a time trying to figure out how to do this with gcloud dns, do I need to edit the dns_gcloud.sh file?

Matt Deering

@mattgphoto

gcloud init for instance, doesn't work on a synology :-D

Matt Deering

@mattgphoto

Ah well, I tried everything I could. With no support, can't use your script. Take care!

kingdevnl

@kingdevnl

Heyo, is letsencrypt down?

John Losito

@jlosito

Hello. Does anyone know if there’s a way to install the client without it automatically setting a cron job?

John Losito

@jlosito

Nevermind. I found it. There’s an option for it. —nocron

John Losito

@jlosito

Is there any way upon installation to not create the aliases?

michealkd

@michealkd

hi there, new to acme.sh - think its awesome as i saved me time creating 2 wildcards.

i run the docker container from docker-hub, question, does Neils container support custom cron parameters, for instance storing a custom --reloadcmd then issuing it after renewals

cliff v

@powerdude

hi. QQ about Synology NAS use. can you use this script to configure SANs with your domain cert? In the UI, you can specify a 'xxxx.synology.me' SAN so that you just need one cert. would the "-d" option work for this?

Haelwenn Monnier

@lanodan

Hi, is there a way to disable the Dns Over {TLS,HTTP}? It's been broken for me and TTL based is fine for me as I'm self-hosted.

neil

@Neilpang

@lanodan Sorry for the problem. you can use --dnssleep 200 to sleep 200 sconds before the dns records propagate, which will disable the auto DNS over HTTPS checkings.

Haelwenn Monnier

@lanodan

Thanks it worked.

neil

@Neilpang

@lanodan please try the latest dev branch without --dnssleep, it should be working now.

Mariano Rodríguez

@MarianoRD

Hello everyone, I'm having an issue when I try to create a certificate with 'dns_dgon' it supposedly creates the TXT record, but then tries to find it in CloudFlare

donnib

@donnib

can i use the docker image to run acme.sh and then get access to the cert outside the docker image thru a volume ?

if so which folder do i mount ?

donnib

@donnib

never mind, i found the wiki explaining it :)

michealkd

@michealkd

Yes you can.

wurzelpanzer

@wurzelpanzer

Hi, i created a dnsapi for easyDNS. I want to contribute it to the community. So I followed almost all the steps in the dev guide. Few questions: how can i edit a wiki entry? How do I upload my file? Thanks;

wurzelpanzer

@wurzelpanzer

I just got it on my own.

Adrian

@adrianpkr_gitlab

Doesn't the --reloadcmd flag imply that acme.sh runs as root? I wouldn't expect a regular user to be able to execute that request.

Moviuro

@moviuro

Hi all! Why would

/usr/local/sbin/acme.sh --ecc --renew --ocsp -d try.popho.be --dns dns_ovh --cert-file /usr/local/etc/ssl/try.popho.be/try.popho.be.cer --key-file /usr/local/etc/ssl/try.popho.be/try.popho.be.key --fullchain-file /usr/local/etc/ssl/try.popho.be/fullchain.cer

NOT put the new files in place in the /usr/local/etc/ssl/try.popho.be/ dir?

The log file at /root/.acme.sh/acme.sh.log does NOT mention that directory anywhere; and acme.sh proudly said "Your cert is in /root/.acme.sh/try.popho.be_ecc/try.popho.be.cer", which is clearly not what I expect

Carl Dong

@dongcarl

Any way to change the --reloadcmd after I have installed the cert?

isshwar

@isshwar

Hi All, I would like to know if i am doing something wrong. I am tried to generate certificates for multiple domains as below
acme.sh --renew --staging --force --dns dns_acmedns -d test1.pageplace.de --dns dns_acmedns -d test2.pageplace.de
but this is generating/renewing certificates only for the first domain test1.pageplace.de and ignoring the second domain test2.pageplace.de. Is there anything wrong with what i am doing?
Also, on the same vm i have 6 domains running behind apache. Now on the account.conf file, I have only the below config. How do i extend it to all my 6 domains on the vm.
SAVED_ACMEDNS_UPDATE_URL=''
SAVED_ACMEDNS_USERNAME=''
SAVED_ACMEDNS_PASSWORD=''
SAVED_ACMEDNS_SUBDOMAIN=''

Erik Hennerfors

@gonace

Hi, is there a way to get the LE TOKEN in one of the hooks? I'm looking at a solution for uploading a token to a database that will and an .NET MVC application reads the correct token depending on what domain is used for accessing /.well-known/acme-challenge

I'm working on a system that auses custom domains that we do not have any controll over, so we'd like to provide letsencrypt cerificates for a wide range of domains.