Warning: Privacy Protection
Before using this project, please ensure:
- Create a Private Repository
- Push this project's code to your private repository
⚠️ Never use this in public repositories, as SSL certificate private keys may be exposed
Auto-SSL is an automated SSL certificate management solution based on GitHub Actions. By integrating the acme.sh tool, it provides secure and reliable SSL certificate auto-issuance and renewal services for your domains.
- 🔐 Automated Certificate Issuance: Automatically issue SSL certificates based on ACME protocol
- 🔄 Smart Renewal Management: Daily certificate validity checks, auto-renewal within 30 days
- 📝 Detailed Operation Logs: Daily check reports automatically synced to
CHECK_LIST.md - 🌐 Wildcard Domain Support: Support for wildcard domain certificates
- 🔑 Dual Encryption Algorithms: Provides both ECDSA and RSA encryption algorithm certificates
- 💾 Version Control Storage: Securely store certificate files through Git commits
- ☁️ Cloudflare Integration: Deep integration with Cloudflare DNS API
- Own a valid domain name
- Domain hosted on Cloudflare
- GitHub account with repository management permissions
Ensure you own a domain name. If you need to register one, you can use the following registrars:
- Alibaba Cloud
- Tencent Cloud
- GoDaddy
- Namecheap, etc.
Migrate your domain DNS resolution service to Cloudflare:
- Register a Cloudflare account
- Add your domain
- Follow the instructions to modify nameservers
- Wait for DNS propagation to complete
Get API Token:
- Visit Cloudflare API Token Management Page
- Click "Create Token"
- Select custom token and configure the following permissions:
- Permissions:
Zone:Zone:Read,Zone:DNS:Edit - Zone Resources: Select target domain
- Permissions:
Get Account ID:
- Log into Cloudflare dashboard
- Select any hosted domain
- Find "Account ID" in the right sidebar
Set the following secret variables in your GitHub repository:
Path: Settings → Security → Secrets and variables → Actions
| Variable Name | Description | Example |
|---|---|---|
CF_TOKEN |
Cloudflare API Token | 1234567890abcdef... |
CF_ACCOUNT_ID |
Cloudflare Account ID | abcdef1234567890... |
EMAIL |
Email address for certificate application | admin@example.com |
Path: Settings → Actions → General → Workflow permissions
Select: Read and write permissions
Edit the cloudflare_domains_list.txt file in your repository:
example.com
*.example.com
subdomain.example.com
Enter one domain per line, wildcard domains are supported
- Go to the
Actionstab - Select the corresponding workflow
- Click "Run workflow" to trigger manually
- Certificate Check: Automatically executes daily at UTC 00:00
- Renewal Threshold: Auto-renewal when certificate validity is less than 30 days
- Status Reports: Detailed logs recorded in
CHECK_LIST.mdfile
Q: Certificate application failed? A: Please check:
- Cloudflare API Token permission settings
- Domain DNS record correctness
- GitHub Secrets configuration completeness
Q: Workflow execution failed? A: Please review:
- Actions run logs
- Network connection status
- API call limits
If you encounter issues, please:
- Check the Issues page
- Submit detailed error logs
- Describe your configuration environment
This project is licensed under an open source license. Please refer to the LICENSE file for details.