Let\\’s Encrypt pan-domain SSL certificate application and quick acquisition with DNSPOD API

Among the many free SSL certificates, Let\\’s Encrypt may be the one that everyone uses the most. Although each cycle is only 90 days, some of our one-click WEB installation packages or using our own methods can automatically renew in advance and achieve permanent free use. Moreover, Let\\’s Encrypt certificate is also recognized by many organizations. Snail has also mentioned the installation and application of Let\\’s Encrypt certificate many times in previous blog posts.

Last year, I saw an article mentioning that pan-domain name resolution would be supported. If this could be achieved, it would indeed bring benefits to users. At least applying for a second-level domain name certificate would not require re-application every time. You can directly apply for a second-level domain name certificate. Just use a pan-domain SSL certificate. In the past few days, I have seen many articles mentioning that you can apply through scripts. The script from \\"https://github.com/Neilpang/acme.sh\\" can implement multiple ways of application.

In this article, Snail will demonstrate how to quickly issue application certificates using the DNSPOD API interface. In this way, you can record the application process for future use when needed.

Other articles about certificates shared by Snail in the blog post:

1. Record the stupid solution to the problem of being unable to update the Let\\’s Encrypt certificate in Oneinstack’s one-click environment

2. LNMP V1.4 official version installation and new Let\\’s Encrypt one-click installation and other functions

3. Pagoda Linux panel quickly installs free Let\\’s Encrypt SSL certificate and automatically renews

First, install the necessary software packages

Running the script directly will prompt an error message such as "It is recommended to install socat first". You need to install the necessary software packages in advance. Here is the article introduction with reference to \\"https://www.cmsky.com/lets-encrypt-wildcard-ssl/\\".

1. Debian/Ubuntu

apt-get update && apt-get install curl -y && apt-get install cron -y && apt-get install socat -y

2. CentOS

yum update && yum install curl -y && yum install cron -y && yum install socat -y

Second, install acme.sh

curl https://get.acme.sh | sh

Third, obtain DNSPOD API

1. Domain name resolution

What Snail is trying here is to use the DNSPOD API to automatically obtain the certificate, so we need to add the domain name applying for the certificate to DNSPOD resolution.

2. Create API

Log in to the DNSPOD backend, in \\"Security Settings\\", find the picture above and add the creation API.

We need to copy and record the information in the interface that pops up here. Because it is only shown once. We need ID and Token.

3. Input API

export DP_Id=\\”ID number\\” export DP_Key=\\”Token string\\”

Make the above two lines of script ID and KEY correspond to the ID and Token of the API we obtained respectively, then post it in SSH and press Enter.

Fourth, issue SSL certificate

~/.acme.sh/acme.sh –issue -d laobuluo.com -d *.laobuluo.com –dns dns_dp

You can automatically apply for Let\\’s Encrypt pan-domain name certificate if you change it to our domain name or a pan-domain name or multiple other second-level domain names as needed. As long as there are no problems with our configuration above, the whole process will be automatic below.

The certificate was successfully applied for, and the certificate files were automatically stored in the corresponding domain name folder of /root/.acme.sh/. We can download it and save it locally or directly call the certificate in this directory when applying the certificate. And I saw this script from the document\\"Automatically create a cronjob for you, automatically detect all certificates at 0:00 every day, if it is about to expire and needs to be updated, the certificate will be automatically updated\\", so we are deploying SSL directly call the default location, do not copy to other directories.

Fifth, summary

1. Through this article, we can quickly use DNSPOD API to obtain Let\\’s Encrypt domain name certificate.

2. And the script automatically creates automatic renewal, so that we need to deal with renewal issues after the 90 days expire.

3. In this article, Snail will share the application for DNSPOD API. Later, I will have time to share several other methods of application, such as other commonly used third-party DNS, and whether the installation is valid after applying for a pan-analytic certificate. This will be discussed later. Write a separate article on how to install it on the website.

Recommended site searches: IP reverse domain name check, website registration information, foreign server rental, US server URL, domain name registration website query, me domain name, domain name registration website, pw domain name, Google permanently free server, domain name registration price,