Skip to main content

ACME

Provider

ProviderwildcardACME server URLDoc
letsencrypthttps://acme-v02.api.letsencrypt.org/directoryhttps://letsencrypt.org/docs/rate-limits/
letsencrypt_testhttps://acme-staging-v02.api.letsencrypt.org/directory
buypasshttps://api.buypass.com/acme/directory
buypass_testhttps://api.test4.buypass.no/acme/directory
zerosslhttps://acme.zerossl.com/v2/DV90https://zerossl.com/documentation/acme/
sslcomhttps://acme.ssl.com/sslcom-dv-rsa, https://acme.ssl.com/sslcom-dv-ecc

Challenge Types

  • HTTP-01
    • http://example.com/.well-known/acme-challenge/<challenge>
    • 要求 80 能被外部访问
    • 一次一个域名
  • DNS-01
    • TXT _acme-challenge.example.com <challenge>
    • 要求能修改 DNS
    • 支持泛域名证书
  • TLS-ALPN-01
    • 与 HTTP-01 类似
    • 使用临时 cert
    • 不需要 80 端口,但要求 443 端口能被外部访问
    • 适用于 TLS-terminating reverse proxies
  • TLS-SNI-01
    • 废弃

Client