ThirdMirrors
/
acme.sh
mirror of https://gitee.com/Hawkin99/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Specify `--home` for issue and deploy steps in order to prevent certs being placed in the default `/root/.acme.sh` location (and thus wiped after a DSM update).

Matthijs Langenberg 2020-09-07 13:53:15 +02:00
parent 181dce850c
commit 505cb3f163
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Synology-NAS-Guide.md

@ -47,7 +47,7 @@ Now it's time to create the certificate for your domain:
$ cd /usr/local/share/acme.sh $ cd /usr/local/share/acme.sh
$ export CERT_DOMAIN="your-domain.tld" $ export CERT_DOMAIN="your-domain.tld"
$ export CERT_DNS="dns_cf" $ export CERT_DNS="dns_cf"
$ ./acme.sh --issue -d "$CERT_DOMAIN" --dns "$CERT_DNS" $ ./acme.sh --issue --home . -d "$CERT_DOMAIN" --dns "$CERT_DNS"
``` ```
## Deploy the default certificate ## Deploy the default certificate
@ -60,7 +60,7 @@ $ export SYNO_Username='Admin_Username'
$ export SYNO_Password='Admin_Password!123' $ export SYNO_Password='Admin_Password!123'
# You must specify SYNO_Certificate, for the default certificate, we use an empty string # You must specify SYNO_Certificate, for the default certificate, we use an empty string
$ export SYNO_Certificate="" $ export SYNO_Certificate=""
$ ./acme.sh --deploy -d "$CERT_DOMAIN" --deploy-hook synology_dsm $ ./acme.sh --deploy --home . -d "$CERT_DOMAIN" --deploy-hook synology_dsm
``` ```
Note that if the user entered for `SYNO_Username` has enabled two-factor authentication (2FA), the login will fail and the error states that user/password is wrong, even if both are correct. Note that if the user entered for `SYNO_Username` has enabled two-factor authentication (2FA), the login will fail and the error states that user/password is wrong, even if both are correct.
@ -74,11 +74,11 @@ export SYNO_DID='YOUR VALUE'
By specifying a different `SYNO_Certificate` and (optionally) `SYNO_Create`, we can deploy multiple certificates to the DSM. These commands assume you are still working in the same terminal and have exported all other necessary variables described above. By specifying a different `SYNO_Certificate` and (optionally) `SYNO_Create`, we can deploy multiple certificates to the DSM. These commands assume you are still working in the same terminal and have exported all other necessary variables described above.
```sh ```sh
$ ./acme.sh --issue -d "subdomain.$CERT_DOMAIN" --dns "$CERT_DNS" $ ./acme.sh --issue --home . -d "subdomain.$CERT_DOMAIN" --dns "$CERT_DNS"
# SYNO_Certificate is the description shown under Security -> Certificates in the DSM Control Panel # SYNO_Certificate is the description shown under Security -> Certificates in the DSM Control Panel
$ export SYNO_Certificate="A different certificate" $ export SYNO_Certificate="A different certificate"
$ export SYNO_Create=1 # Says to create the certificate if it doesn't exist $ export SYNO_Create=1 # Says to create the certificate if it doesn't exist
$ ./acme.sh --deploy -d "subdomain.$CERT_DOMAIN" --deploy-hook synology_dsm $ ./acme.sh --deploy --home . -d "subdomain.$CERT_DOMAIN" --deploy-hook synology_dsm
``` ```
## Configuring Certificate Renewal ## Configuring Certificate Renewal