https://github.com/Neilpang/acme.sh
acme.sh –issue -d test.com -w /httpd/test.com/www/
[Wed Mar 14 14:56:37 UTC 2018] Single domain=’test.com’
[Wed Mar 14 14:56:37 UTC 2018] Getting domain auth token for each domain
[Wed Mar 14 14:56:37 UTC 2018] Getting webroot for domain=’test.com’
[Wed Mar 14 14:56:37 UTC 2018] Getting new-authz for domain=’test.com’
[Wed Mar 14 14:56:38 UTC 2018] The new-authz request is ok.
[Wed Mar 14 14:56:38 UTC 2018] Verifying:test.com
[Wed Mar 14 14:56:41 UTC 2018] Success
[Wed Mar 14 14:56:41 UTC 2018] Verify finished, start to sign.
[Wed Mar 14 14:56:42 UTC 2018] Cert success.
—–BEGIN CERTIFICATE—–
….
—–END CERTIFICATE—–
[Wed Mar 14 14:56:42 UTC 2018] Your cert is in /root/.acme.sh/test.com/test.com.cer
[Wed Mar 14 14:56:42 UTC 2018] Your cert key is in /root/.acme.sh/test.com/test.com.key
[Wed Mar 14 14:56:42 UTC 2018] The intermediate CA cert is in /root/.acme.sh/test.com/ca.cer
[Wed Mar 14 14:56:42 UTC 2018] And the full chain certs is there: /root/.acme.sh/test.com/fullchain.cer
https://github.com/Neilpang/acme.sh/wiki/DNS-alias-mode
acme.sh –issue -d domaina.com -d ‘*.domaina.com’ –challenge-alias domainb.com –dns dns_cf –debug