ECDSA ACME

1. domain=example.com
2.  
3. mkdir /etc/letsencrypt/www.$domain && cd /etc/letsencrypt/www.$domain && openssl ecparam -genkey -name secp384r1 -noout -out www.$domain.key && openssl ecparam -genkey -name secp384r1 -noout -out /root/csrbackup/www.$domain.key.bak
4.  
5. openssl req -new -sha256 -key www.$domain.key -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:$domain,DNS:www.$domain")) > www.$domain.csr && openssl req -new -sha256 -key /root/csrbackup/www.$domain.key.bak -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:$domain,DNS:www.$domain")) > /root/csrbackup/www.$domain.csr.bak
6.  
7. python /usr/local/bin/acme_tiny.py --account-key /etc/letsencrypt/letsencrypt.key --csr /etc/letsencrypt/www.$domain/www.$domain.csr --acme-dir /srv/www/acme-challenges/ > /etc/letsencrypt/www.$domain/www.$domain.crt
8.  
9. cd /etc/letsencrypt && wget -O - https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > intermediate.pem
10.  
11. cat www.$domain/www.$domain.crt intermediate.pem > www.$domain/www.$domain.crt+chain
12.  
13. chown -R root:ssl-cert /etc/letsencrypt