SSLCerts

Self host acme.sh CA. https://smallstep.com/blog/private-acme-server/

https://blog.sean-wright.com/self-host-acme-server/ https://github.com/acmesh-official/acme.sh

Steps:

install step-ca and acme.sh create step-ca service account home:/var/lib/stepca create acme.sh service account home:/var/lib/acme

If you want certificates to be valid for longer than 24 hours, modify the file /home/step/.step/config/ca.json and add the following configuration to the acme section

run:

doas -u stepca step ca init [You will be prompted for details for the CA which you are now creating]
doas -u stepca step ca provisioner add acme --type ACME add ~step/.step/certs/root_ca.crt to CA Cert root run: sudo update-ca-certificates

CA, Certs, and self hosting infra