mirror of
https://github.com/acmesh-official/acme.sh.git
synced 2025-03-08 14:40:10 +08:00
Further simplification
parent
609fc57528
commit
3a49869c2d
@ -1,61 +1,27 @@
|
||||
# Quick-Start
|
||||
|
||||
## 1. Create application key, secret and consumer
|
||||
|
||||
It is a good security practice to limit the power of individual credentials to limit the damage in case anything goes wrong. acme.sh only requires access to the domain API to deal with the dns-01 challenge.
|
||||
- OVH Europe: https://api.ovh.com/createToken/?GET=/domain/zone/*&POST=/domain/zone/*&PUT=/domain/zone/*
|
||||
- OVH Canada: https://ca.api.ovh.com/createToken/?GET=/domain/zone/*&POST=/domain/zone/*&PUT=/domain/zone/*
|
||||
|
||||
**If you plan to manage SSL certificates for multiple/any zones:**
|
||||
In the page, please select "Unlimited" for the Validity.
|
||||
|
||||
https://api.ovh.com/createToken/?GET=/domain/zone/*&POST=/domain/zone/*&PUT=/domain/zone/*
|
||||
|
||||
**If you plan to manage SSL certificates for a specif zone:**
|
||||
|
||||
https://api.ovh.com/createToken/?GET=/domain/zone/mydomain.com/*&POST=/domain/zone/mydomain.com/*&PUT=/domain/zone/mydomain.com/*&GET=/domain/zone/mydomain.com
|
||||
|
||||
In the page, please select "Unlimited" for the Validity and replace ``mydomain.com`` by the zone you need to manage
|
||||
|
||||
## 2. Set API key and API secret.
|
||||
## 2. Profite!
|
||||
|
||||
```
|
||||
# application key
|
||||
# Credentials
|
||||
export OVH_AK="your application key"
|
||||
|
||||
# application secret
|
||||
export OVH_AS="your application secret"
|
||||
|
||||
# consumer key
|
||||
export OVH_CK="your consumer key"
|
||||
|
||||
acme.sh --issue -d mydomain.com --dns dns_ovh
|
||||
# Generate your certificate
|
||||
acme.sh --issue -d mydomain.com --dns dns_ovh
|
||||
```
|
||||
|
||||
## 3. OVH api support OVH, kimsufi, soyoustart and runabove.
|
||||
The default is using ovh-eu region.
|
||||
# Security
|
||||
|
||||
if you are using ovh-ca region,
|
||||
It is a good security practice to limit what a given API key can in the event it is lost, stolen or anything wrong happens to limit the potential damages. OVH API keys can be limited to a specific domain zone using a simple pattern mechanism. For example, to restrict an OVH API key to manage "mydomain.com", you may use the following settings. Of course this can easily be customized to support any or multiple domains:
|
||||
|
||||
Create app key here: https://ca.api.ovh.com/createToken/
|
||||
|
||||
Then please specify the region in the first step:
|
||||
|
||||
```
|
||||
export OVH_END_POINT=ovh-ca
|
||||
|
||||
export OVH_AK="your application key"
|
||||
|
||||
export OVH_AS="your application secret"
|
||||
|
||||
export OVH_CK="your consumer key"
|
||||
|
||||
acme.sh --issue -d mydomain.com --dns dns_ovh
|
||||
|
||||
```
|
||||
|
||||
Supported regions:
|
||||
```
|
||||
#'ovh-eu' (default)
|
||||
#'ovh-ca':
|
||||
#'kimsufi-eu'
|
||||
#'kimsufi-ca'
|
||||
#'soyoustart-eu'
|
||||
#'soyoustart-ca'
|
||||
#'runabove-ca'
|
||||
```
|
||||
- OVH Europe: https://api.ovh.com/createToken/?GET=/domain/zone/mydomain.com/*&POST=/domain/zone/mydomain.com/*&PUT=/domain/zone/mydomain.com/*&GET=/domain/zone/mydomain.com
|
||||
- OVH Canada: https://ca.api.ovh.com/createToken/?GET=/domain/zone/mydomain.com/*&POST=/domain/zone/mydomain.com/*&PUT=/domain/zone/mydomain.com/*&GET=/domain/zone/mydomain.com
|
||||
|
Loading…
Reference in New Issue
Block a user