90 days renewal
My network flow direction:
China Mainland
-> Hong Kong -> direct out
-> (for special traffic) forward to US serverRemember to renew SSL certificate of blog.cutesnake.top. Otherwise, internet traffic forwarding to US server would fail because of SSL verication failure.
Use the following command:
cd ~
cd .acme.sh
acme.sh --issue -d blog.cutesnake.top --webroot /www/wwwroot/blog.cutesnake.top/ --force
(correct output)
[Fri Apr 11 23:55:29 CST 2025] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Fri Apr 11 23:55:29 CST 2025] Single domain='blog.cutesnake.top'
[Fri Apr 11 23:55:30 CST 2025] Getting webroot for domain='blog.cutesnake.top'
[Fri Apr 11 23:55:30 CST 2025] Verifying: blog.cutesnake.top
[Fri Apr 11 23:55:31 CST 2025] Pending, The CA is processing your order, please just wait. (1/30)
[Fri Apr 11 23:55:34 CST 2025] Success
[Fri Apr 11 23:55:34 CST 2025] Verify finished, start to sign.
[Fri Apr 11 23:55:34 CST 2025] Lets finalize the order.
[Fri Apr 11 23:55:34 CST 2025] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1835370607/373098431387'
[Fri Apr 11 23:55:35 CST 2025] Downloading cert.
[Fri Apr 11 23:55:35 CST 2025] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/05cf367e4d70556b0e080b83a9c38aaf74f3'
[Fri Apr 11 23:55:36 CST 2025] Cert success.
-----BEGIN CERTIFICATE-----
acme.sh --install-cert -d blog.cutesnake.top
acme.sh --install-cert -d blog.cutesnake.top --key-file /www/server/panel/vhost/cert/cutesnake.top/privkey.pem --fullchain-file /www/server/panel/vhost/cert/cutesnake.top/fullchain.pem --reloadcmd "service nginx reload"
systemctl restart xray
systemctl status xrayNo need to renew other websites (etc: secretbase) using this method. I can renew those websites using BT Panel. Why blog.cutesnake.top is so special? Because I specifically configured some xray fallback mechanism on this website. View other ariticle in this blog for more information about xray fallback mechanism.
