name: autocert
on:
workflow_dispatch:
env:
# Checkout 到的目录
CERTS_OUTPUT_BASE: BASE
# 证书输出目录
CERTS_OUTPUT_DIRECTORY: example.com
# 证书文件名
FILE_FULLCHAIN: fullchain.cer
# 私钥文件名
FILE_KEY: private.key
jobs:
issue-ssl-certificate:
name: Issue SSL certificate
runs-on: ubuntu-latest
steps:
- name: Checkout the default branch
uses: actions/checkout@v3
- uses: Menci/acme@v1
with:
version: 3.0.4
account-tar: ${{ secrets.ACME_SH_ACCOUNT_TAR }}
domains: example.com
append-wildcard: true
arguments: --dns dns_cf --keylength ec-384
output-fullchain: ${{ env.CERTS_OUTPUT_BASE }}/${{ env.CERTS_OUTPUT_DIRECTORY }}/${{ env.FILE_FULLCHAIN }}
output-key: ${{ env.CERTS_OUTPUT_BASE }}/${{ env.CERTS_OUTPUT_DIRECTORY }}/${{ env.FILE_KEY }}
- name: Commit & Push
run: |
git config --local user.email "my@email"
git config --local user.name "UptonEdward"
git add --all
git commit -m "Update"
git push
[Wed Nov 2 23:22:09 UTC 2022] Your cert is in: /home/runner/.acme.sh/example.com_ecc/example.com.cer
[Wed Nov 2 23:22:09 UTC 2022] Your cert key is in: /home/runner/.acme.sh/example.com_ecc/example.com.key
[Wed Nov 2 23:22:09 UTC 2022] The intermediate CA cert is in: /home/runner/.acme.sh/example.com_ecc/ca.cer
[Wed Nov 2 23:22:09 UTC [202](https://github.com/UptonEdward/xxx#stop4:207)2] And the full chain certs is there: /home/runner/.acme.sh/example.com_ecc/fullchain.cer
Run ACME_SH_TEMP_DIR="$(mktemp -d)"
[Wed Nov 2 23:22:10 UTC 2022] The domain 'example.com' seems to have a ECC cert already, please add '--ecc' parameter if you want to use that cert.
[Wed Nov 2 23:22:10 UTC 2022] The domain 'example.com' is not a cert name. You must use the cert name to specify the cert to install.
[Wed Nov 2 23:22:10 UTC 2022] Can not find path:'/home/runner/.acme.sh/example.com'
Error: Process completed with exit code 1.
actions配置文件:
actions中证书申请成功,但后续步骤报错: