Hacker News new | past | comments | ask | show | jobs | submit login

acme.sh is great because it support manual DNS mode. It also way easier to use compare with other similar client. This is all it takes for me.

./acme.sh --issue -d noty.im -d '.noty.im' --dns

It then told me to add TXT record, which I just manually do because I used RackSpace cloudns which has no built-in support.

I manually verify DNS with dig, when it's ready I just do:

./acme.sh --renew -d noty.im -d '.noty.im'

then the cert(private key and full chain) are stored in ~/.acme/noty.im/

These privateky and fullchain can be used directly with nginx without any modification.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact