Acme.sh is a UNIX shell script that implements the ACMEv2 client protocol. You can use acme.sh to request certificates from Certificate Enrollment Gateway using the ACMEv2 protocol.

To request a certificate using Acme.sh, enter the following command:

acme.sh --issue --standalone [--httpport <port>] -d <domain> --server <CEG-ACME-URL> --ca-bundle <ca-file>

Parameters in square brackets are optional. Where:

  • --standalone runs acme.sh in standalone mode. Use it to request a certificate if you do not want to use (or do not have) existing server software.
  • --httpport <port> specifies the standalone HTTP listen port. If not specified, the port defaults to port 80. The port (such as port 80) must be available and allowed through any configured firewalls. If another application such as a Web server is running and using the port, disable the application.
  • <domain> is a domain to include in the certificate. You can specify multiple domains using multiple -d <domain> parameters. For example:

    -d example.com -d www.example.com
  • <CEG-ACME-URL> is the ACMEv2 enrollment URL used to request a certificate from Certificate Enrollment Gateway. For details, see ACMEv2 enrollment URL.
  • <ca-file> is the path and file name of the CA certificate bundle, used to verify the Certificate Enrollment Gateway server certificate.

For example:

acme.sh --issue --standalone -d example.com -d www.example.com --server https://cegserver.example.com/acme/tenant1/example_ca1/privatessl_tls_client/directory --ca-bundle /tmp/root-ca.crt
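
A preflight wrapper for the command above, as an added example that is not part of the original documentation or of acme.sh. The names ceg_issue and CEG_RUN are hypothetical; the function checks the enrollment URL, CA bundle, port and domains, then prints the resulting acme.sh command (or runs it when CEG_RUN=1).

```shell
#!/bin/sh
# Added example, not part of the original page. ceg_issue and CEG_RUN are
# hypothetical names. By default the command is only printed for review;
# set CEG_RUN=1 to execute it.
# Usage: ceg_issue <CEG-ACME-URL> <ca-file> <port-or-empty> <domain> [<domain>...]
ceg_issue() {
    [ $# -ge 4 ] || { echo "usage: ceg_issue URL CA-FILE PORT DOMAIN..." >&2; return 2; }
    server=$1 ca_file=$2 port=$3
    shift 3

    # The CA bundle verifies the server certificate, so the URL must be HTTPS.
    case $server in
        https://?*) ;;
        *) echo "server URL must start with https://" >&2; return 3 ;;
    esac

    # The bundle must be a readable file with at least one PEM certificate.
    [ -r "$ca_file" ] || { echo "cannot read CA bundle: $ca_file" >&2; return 4; }
    grep -q -- '-----BEGIN CERTIFICATE-----' "$ca_file" ||
        { echo "no PEM certificate in: $ca_file" >&2; return 4; }

    # Optional listen port: digits only, 1-65535.
    case $port in
        *[!0-9]*) echo "invalid port: $port" >&2; return 5 ;;
    esac
    if [ -n "$port" ]; then
        { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } ||
            { echo "port out of range: $port" >&2; return 5; }
    fi

    # Append "-d <domain>" per name, then drop the original arguments.
    n=$#
    for d in "$@"; do
        case $d in
            ''|[.-]*|*[!A-Za-z0-9.-]*) echo "invalid domain: $d" >&2; return 6 ;;
        esac
        set -- "$@" -d "$d"
    done
    shift "$n"

    set -- acme.sh --issue --standalone ${port:+--httpport "$port"} "$@" \
        --server "$server" --ca-bundle "$ca_file"
    if [ "${CEG_RUN:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}
```

This sketch accepts only plain host names in -d and does not test whether the listen port is free or allowed through the firewall; check those separately before running the printed command.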