Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


[Opensource] bash script to automatically generate free ssl certificate from startssl.com
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

[Opensource] bash script to automatically generate free ssl certificate from startssl.com

This is a pure shell script to automatically generate free ssl certificate from startssl.com.

https://github.com/Neilpang/startapi.sh

The usage is very similar to my another project acme.sh to generate certs from let's encrypt.
https://github.com/Neilpang/acme.sh

For more usage see the project page readme:

https://github.com/Neilpang/startapi.sh

Fork&PR&Star welcomed.

Thanks.

Comments

  • mailcheapmailcheap Member, Host Rep

    Bookmarked. Thanks

  • RIYADRIYAD Member, Patron Provider

    looks great !

    Thank you

  • FritzFritz Veteran

    Bookmarked.

  • tommytommy Member

    holy shit :)

    if starssl offer api with full documentation these script will a lot shorten.

    thanks for script, I'll give try later today

  • ardaarda Member
    edited June 2016

    Great, bookmarked!

    Not totally related, but to get SSL certificate with a single command, I do this with Let's Encrypt:

    certbot-auto certonly --standalone --agree-tos --redirect --duplicate --text --email [email protected] -d domain.com -d www.domain.com -d sub.domain.com -d othersub.domain.com
    

    and if I need to renew

    certbot-auto renew
    

    Renew is running for me on cron, and you can make the first one also an alias.

    But this doesn't have auto adding like yours, so this still needs some stuff to handle.

  • Thanks for your work, much appreciated! Let me know if you ever need a free VPS to test stuff out.

    Thanked by 1TheOnlyDK
  • rm_rm_ IPv6 Advocate, Veteran
    edited June 2016

    Amazing to have this, but can't help noting StartEncrypt is still worse than Let's Encrypt.
    Okay, we get the crappy proprietary-only client concern out of the way, but:

    • have to sign up at the website to get the API key -- with LE don't have to sign up anywhere, just run the .sh client;
    • cert is still non-commercial use only, just like the Class 1 StartCom free certs? No such restrictions with LE;
    • can add up to 100 subdomains in one cert at LE; how many subdomains are allowed here?
  • ZappieZappie Member, Host Rep, LIR

    rm_ said: but can't help noting StartEncrypt is still worse than Let's Encrypt

    Just playing devils advocate here with a copy/paste from their email

    (1) Not just get the SSL certificate automatically, but install it automatically; 
    
    (2) Not just Encrypted, but also identity validated to display EV Green Bar and OV organization name in the certificate; 
    
    (3) Not just 90 days period certificate, but up to 39 months, more than 1180 days; 
    
    (4) Not just low assurance DV SSL certificate, but also high assurance OV SSL certificate and green bar EV SSL certificate; 
    
    (5) Not just for one domain, but up to 120 domains with wildcard support; 
    

    There is no arguing with the fact that on paper StartEcrypt offers more for the same free price.

    Personally, I am happy to continue with LetsEcrypt though

    Thanked by 2deadbeef geekalot
  • rm_rm_ IPv6 Advocate, Veteran
    edited June 2016

    Zappie said: with a copy/paste from their email

    (2), (4) cost $199/year for EV, $119/year for OV

    (3), IIRC only up to a year on the free tier, need to pay for longer durations

    (5) wildcard support only on verified accounts from $59/year

    Zappie said: StartEcrypt offers more for the same free price.

    They do not. This is all disingenuous or downright false advertising.

  • JustAMacUserJustAMacUser Member
    edited June 2016

    rm_ said: They do not. This is all disingenuous or downright false advertising.

    Yeah. They really push free with all of this and at the same time downplay the administration fees.

    The way they market this should be illegal, and probably is in some jurisdictions.

    Thanked by 1rm_
  • @JustAMacUser said:
    The way they market this should be illegal, and probably is in some jurisdictions.

    Yeah, let's ban selling to people who can read. We should institutionalize them to @JustAMacUser 's basement and he'll take care of them.

  • I guess I see your point, but I don't particularly like misleading advertisements. It's the same as all these companies providing unlimited everything (whether that be web hosting, cellular plans, etc.). It's disingenuous.

    (And, yeah, I realize I probably shouldn't expect otherwise from companies.)

    Thanked by 2deadbeef ucxo
  • tommytommy Member

    I've test this script . It just works :)

  • Ready in Kloxo-MR 7.0 (beside acme.sh). Thanks.

  • FritzFritz Veteran

    @mustafaramadhan said:
    Ready in Kloxo-MR 7.0 (beside acme.sh). Thanks.

    The startssl one?

    Is nginx only supported?

  • @Fritz said:

    @mustafaramadhan said:
    Ready in Kloxo-MR 7.0 (beside acme.sh). Thanks.

    The startssl one?

    Is nginx only supported?

    StartAPI.

    Support for ALL webservers under control by Kloxo-MR (Nginx, Lighttpd, Hiawatha and Apache),

  • Anyone able to explain in detail all the "hidden" text/fees associated with using the "free" ssl service? Would greatly appreciate it.

  • tommytommy Member

    no hidden fee, except revocation cert about $9.

    if you using wosign, no fee at all

  • WebProjectWebProject Host Rep, Veteran

    tommy said: no hidden fee, except revocation cert about $9.

    Does anyone know how much the validation cost?

    For OV SSL and EV SSL, just charge the validation cost annually, certificate is FREE!

  • tommytommy Member

    $199 for 2 year

  • @mustafaramadhan said:
    Ready in Kloxo-MR 7.0 (beside acme.sh). Thanks.

    @mustafaramadhan
    What should I do to get LE SSLs for Kloxo MR 6?
    thanks

  • qtriangle said: What should I do to get LE SSLs for Kloxo MR 6? thanks

    Really? Necro'ing? smh

Sign In or Register to comment.