Author blog: https://laofahai.cool
A Python tool that uses acme.sh to automatically apply for certificates and deploy them to cloud platforms (such as Alibaba Cloud AliOSS).
You can install certship directly from PyPI:
pip install certshipOr use poetry for development:
poetry installYou can run the tool via poetry:
poetry run certship --helpOr directly after pip install:
certship --helpOr with Python module:
python3 -m certship.cli --helpcertship \
--domain <your domain> \
--dns-provider <dns provider, default ali> \
--platform alioss \
--oss-bucket <OSS bucket name> \
--oss-endpoint <OSS endpoint> \
--ali-key <Aliyun AccessKeyId> \
--ali-secret <Aliyun AccessKeySecret> \
[--ecc] [--run] [--force] [--debug]--domain: The domain to apply for the certificate (required)--dns-provider: DNS provider, default is ali (optional, any DNS plugin supported by acme.sh)--platform: Target platform, currently only supports alioss or tencentcos (required)--oss-bucket: Aliyun OSS bucket name (required for alioss)--oss-endpoint: OSS endpoint (required for alioss)--ali-key: Aliyun AccessKeyId (required for alioss)--ali-secret: Aliyun AccessKeySecret (required for alioss)--ecc: Use ECC certificate (optional)--run: Issue and deploy certificate (optional, if not set, only deploys existing certificate)--force: Force certificate renewal (optional)--debug: acme.sh debug mode (optional)
- Python 3.8+
- poetry
- acme.sh (must be installed and configured, defaults to Let's Encrypt)
- ossutil64 (must be installed and configured for AliOSS)
- Install dependencies:
poetry install - Install acme.sh and configure DNS API
- Install and configure ossutil64 (requires yundun-cert:CreateSSLCertificate permission)
- Run the above command to automatically issue and bind the certificate
- Alibaba Cloud AliOSS
- Tencent Cloud COS
- Local Nginx
- Qiniu Cloud
PRs are welcome!