cd /opt
git clone https://gitee.com/neilpang/acme.sh.git
cd acme.sh
//如果你更倾向于使用 Let's Encrypt(ZeroSSL 是 acme.sh 的默认 CA),可以切换:
./acme.sh --set-default-ca --server letsencryptcd /opt/acme.sh
./acme.sh --issue -d im.n8y.cn -w /usr/local/nginx/html/im/public
cd /opt/acme.sh
./acme.sh --issue -d ai.n8y.cn -w /usr/local/nginx/html/ai/public
cd /opt/acme.sh
./acme.sh --issue -d m.91cff.com -w /usr/local/nginx/html/ms/public
root@iZwz97sm51bf4kuk29l33gZ acme.sh]# ./acme.sh --issue -d im.n8y.cn -w /usr/local/nginx/html/im/public
[Mon Aug 11 08:52:16 CST 2025] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Mon Aug 11 08:52:16 CST 2025] Single domain='im.n8y.cn'
[Mon Aug 11 08:52:16 CST 2025] Getting domain auth token for each domain
[Mon Aug 11 08:52:21 CST 2025] Getting webroot for domain='im.n8y.cn'
[Mon Aug 11 08:52:21 CST 2025] Verifying: im.n8y.cn
[Mon Aug 11 08:52:22 CST 2025] Pending, The CA is processing your order, please just wait. (1/30)
[Mon Aug 11 08:52:27 CST 2025] Pending, The CA is processing your order, please just wait. (2/30)
[Mon Aug 11 08:52:32 CST 2025] Success
[Mon Aug 11 08:52:32 CST 2025] Verify finished, start to sign.
[Mon Aug 11 08:52:32 CST 2025] Lets finalize the order.
[Mon Aug 11 08:52:32 CST 2025] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/2587195816/416626425766'
[Mon Aug 11 08:52:36 CST 2025] Downloading cert.
[Mon Aug 11 08:52:36 CST 2025] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/0568274159ffb724c7281bc585ff1b4a5066'
[Mon Aug 11 08:52:37 CST 2025] Cert success.
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgISBWgnQVn/tyTHKBvFhf8bSlBmMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwODEwMjM1NDAzWhcNMjUxMTA4MjM1NDAyWjAUMRIwEAYDVQQD
EwlpbS5uOHkuY24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHngqH
SU48kPkMfBkiLz803ojFS9vWPMJW4VuXvWbW16cKOJwcRvErNcFjaaDO7GCSW328
oD7lpIX8tc7/aReMI5k6gCUfXO76msWiDB2ezMe/Nf1P2jDSzYHlGbi0vLvXC8CM
vsTf/BGnZ2TwADWPtw+1Npu2DtWT6jDFb1RoRNKFLgThkFdm6K8+iF4UCFztCcYp
PHMNDnS+nnCVks55wEfYcBswwqb2gLDOzX1ve3jG+5oJUKNETYylaTk6pjBambHD
+rS0LaHHaC1lLxMoji3fs01K4awdY4aHccH+qNBwBas7wtf7wMzf48+gpBb/57f/
ktL55sCc5TcgwnC/AgMBAAGjggIbMIICFzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE
FNcmFndmblfOXvJVt2aZrxBvO8QRMB8GA1UdIwQYMBaAFMXPRqTq9MPAemyVxC2w
XpIvJuO5MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDovL3IxMS5p
LmxlbmNyLm9yZy8wFAYDVR0RBA0wC4IJaW0ubjh5LmNuMBMGA1UdIAQMMAowCAYG
Z4EMAQIBMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9yMTEuYy5sZW5jci5vcmcv
MTAzLmNybDCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ABLxTjS9U3JMhAYZw48/
ehP457Vih4icbTAFhOvlhiY6AAABmJadY10AAAQDAEgwRgIhALsKiPKnfNcM9W4Q
NdXEZBcK5PgIzhXCJIubZ9mOF5NNAiEAyOEYfqyklzj8YCNtar7spXX3faX36//a
6pIJezz6G7kAdgCkQsUGSWBhVI8P1Oqc+3otJkVNh6l/L99FWfYnTzqEVAAAAZiW
nWsrAAAEAwBHMEUCIQDOg57QzhcmEmqWuIoEEG3C1+DxEGGemT35KBDx/qmr3QIg
TR/M7lv3X/f6d46s63YNHXJU5/UvbYlRBrWGwv2PQxowDQYJKoZIhvcNAQELBQAD
ggEBAGbZnr1rOhV2YnkzT7bbusaT3hxpIBLv87aFW1HiOLPR9zbVdO1P+fIO35iq
4irIKzRrUnbeelWvQVk8OiGZlWepeXe97Fqh1ZuZzW9K0AClNgNXCJMbwxyNWPRF
GpMLxD3nOryacUbcCC90EEghV3uBzImuUCv48UOkLaRNeMdkhB8wQ7fTaQ+W7dmz
vzOT742OnqXMAeDifj8AuHzsIs/5zxtA4GdxyH1/5EIo9BONywiwTxLyveC0yFrJ
I6x8+IlD4vsF1wjboqDfgPwMlfLeD1+XdZxiK4o2mQEY8Fa/kjdLkhp34nrQJbgX
mvB8M7QMj9n5pPfzl7pQNthSSls=
-----END CERTIFICATE-----
[Mon Aug 11 08:52:37 CST 2025] Your cert is in: /root/.acme.sh/im.n8y.cn/im.n8y.cn.cer
[Mon Aug 11 08:52:37 CST 2025] Your cert key is in: /root/.acme.sh/im.n8y.cn/im.n8y.cn.key
[Mon Aug 11 08:52:37 CST 2025] The intermediate CA cert is in: /root/.acme.sh/im.n8y.cn/ca.cer
[Mon Aug 11 08:52:37 CST 2025] And the full chain certs is there: /root/.acme.sh/im.n8y.cn/fullchain.cer
im.n8y.cn拷贝证书到原路径
./acme.sh --install-cert -d im.n8y.cn \
--key-file /usr/local/nginx/ssl/im.n8y.cn/6581520_im.n8y.cn.key \
--fullchain-file /usr/local/nginx/ssl/im.n8y.cn/6581520_im.n8y.cn.pem \
--reloadcmd 'service nginx force-reload'ai.n8y.cn拷贝证书到原路径
./acme.sh --install-cert -d ai.n8y.cn \
--key-file /usr/local/nginx/ssl/ai.n8y.cn/3869243_ai.n8y.cn.key \
--fullchain-file /usr/local/nginx/ssl/ai.n8y.cn/3869243_ai.n8y.cn.pem \
--reloadcmd 'service nginx force-reload'm.91cff.com拷贝证书到原路径
./acme.sh --install-cert -d m.91cff.com \
--key-file /usr/local/nginx/ssl/m.91cff.com/7944115_m.91cff.com.key \
--fullchain-file /usr/local/nginx/ssl/m.91cff.com/7944115_m.91cff.com.pem \
--reloadcmd 'service nginx force-reload'