HiCA: Free 180-day SSL, issued by ACME, supports wildcards, multiple domain names and IP certificates!

HiCA is a domestic certificate brand that provides ACME public welfare issuance services. The world's first CA that publicly states that it does not provide and prohibits agents from providing any form of Web UI, desktop UI, etc. application interface, can still sell it and get money back. Moreover, HiCA is also the world's first ACME CA to support IPv4; it is also the world's first ACME CA to support IPv6; and the world's second non-modified ACME CA to provide mainland OCSP. Provide a complete set of IoT security solutions. Please visit the official website for more information.

1. HiCA official website

Click here to enter the HiCA official website

2. Issuance of HiCA Public Welfare Certificate

1. Use root privileges on the Linux server to execute the following command. After the security is completed, reconnect to ssh, and then enter acme.sh to make acme effective. If a version number like v3.0.3 is displayed, it means the installation is successful!

curl https://gitcode.net/cert/cn-acme.sh/-/raw/master/install.sh?inline=false -s | sh -s

2. Keep acme.sh in the latest version and execute the following command

Upgrade acme.sh to the latest version: acme.sh --upgrade Turn on automatic upgrade: acme.sh --upgrade --auto-upgrade Turn off automatic updates: acme.sh --upgrade --auto-upgrade 0

3. When using HICA, you must register the current device! Otherwise, SSL cannot be issued normally! Execute the following command to replace the email address with your own!

acme.sh --register-account --accountemail \ my@example.com \ --server http://acme.hi.cn/directory

After the execution is completed, if the following content is displayed, the registration is successful

❯ acme.sh --register-account --accountemail \ \ --server http://acme.hi.cn/directory [Tuesday, August 2, 2022 21:38:53 CST] Registering account: http://acme.hi.cn/directory [Tuesday, August 2, 2022 21:38:55 CST] Registered [Tuesday, August 2, 2022 21:38:55 CST] ACCOUNT_THUMBPRINT='pAQLaWoYYD5PXp1YbrqFtF3BcU_bv3Ns96c51VyT80g'

4. Please refer to the official tutorial for DNS verification and HTTP verification: DNS verification

5. After adding dns resolution, you can directly apply for a certificate through the following command! Remember to add English quotation marks to the domain name when using wildcard characters! Similar to: '*.example.com'! There is no need to add a first-level domain name! If it prompts that the acme.sh command does not exist, just cd to the relative path in the /home/.acme.sh directory and execute the command.

~/.acme.sh/acme.sh --issue -d www1.hi.cn --dns dns_dp --server http://acme.hi.cn/directory --days 150 --force

6. After the issuance is completed, the certificate will be in the corresponding domain name folder in the acme.sh directory in the root directory of the server! You need to manually copy the certificate (full_chain.pem and key.pem, open in plain text mode) and paste it to the cdn or server you need to use!

Recommended site searches: space registration, foreign space, dynamic IP server, telecommunications server rental, anti-complaint server, independent IP space, ICP registration query, IP address search, registered domain name, registration-free virtual host,