Automatically issue and renew a free SSL certificate for your domain with zero manual steps
Get a wildcard certificate that covers all subdomains of your site in one certificate
Set up HTTPS on shared hosting without root or sudo access
Install renewed certificates directly into Nginx or Apache so your web server is always up to date
| acmesh-official/acme.sh | pyenv/pyenv | tw93/mole | |
|---|---|---|---|
| Stars | 46,476 | 44,715 | 50,268 |
| Language | Shell | Shell | Shell |
| Setup difficulty | easy | easy | easy |
| Complexity | 2/5 | 2/5 | 2/5 |
| Audience | ops devops | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
No dependencies beyond a POSIX shell, does not require root access.
acme.sh is a shell script that automates the process of obtaining and renewing free SSL/TLS certificates for websites. SSL/TLS certificates are the technology behind the padlock icon in browsers, they encrypt traffic between a website and its visitors and prove the website's identity. Services like Let's Encrypt provide these certificates for free, but the process of obtaining and renewing them involves a standardized protocol called ACME (Automatic Certificate Management Environment) that requires answering domain ownership challenges, handling cryptographic operations, and scheduling renewals before certificates expire. Doing all of this manually every 60-90 days is tedious and error-prone. acme.sh automates the entire lifecycle. The key characteristic that distinguishes this tool from similar ones like Certbot is that it is written entirely in POSIX shell script with no dependencies on Python, Ruby, or any other runtime environment. This makes it extremely portable: it runs on Linux, macOS, FreeBSD, OpenBSD, and many other Unix variants using whatever shell is already present. You do not need root or sudo access to run it, which makes it suitable for shared hosting and constrained environments. It supports all ACME certificate authorities including Let's Encrypt, ZeroSSL, and BuyPass. It handles multiple certificate types including wildcard certificates (which cover all subdomains) and SAN certificates (which cover multiple domain names in one certificate). Once installed, it sets up a cron job that automatically renews certificates before they expire and can install them directly into web servers like Nginx and Apache. You would use acme.sh when running any web server that needs HTTPS and you want certificate issuance and renewal to be fully automated with minimal dependencies and no ongoing manual intervention.
acme.sh is a single shell script that automatically gets free SSL certificates for your website from Let's Encrypt and renews them before they expire, no Python or special software required, works on any Unix system.
Mainly Shell. The stack also includes Shell, POSIX shell.
Setup difficulty is rated easy, with roughly 30min to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.