1.Download and install the automatic renewal program
After sign in console,you can see the following information on the main page:
Click to download and install the program, then download and install the client.
2.Configure client secret
After installing the client, open the client and you will see the following interface:
Input the client secret key in the input box, which can be found in the console.
Click on the icon after the key, display the key. Copy the key and paste it into the client.
Enter the key and click the "Verify" button.
3.Upgrade HTTP site to HTTPS
Assuming you have set up an HTTP site (the actual IP should be your public IP address, this is just for demonstration purposes), you need to upgrade it to an HTTPS site.
Click the upgrade HTTPS button, the pop-up window is as follows:
Enter the port of the https site in the window (be careful to avoid port conflicts), and click "Submit." The program will automatically create an https site with the same domain name and start requesting an https certificate.
Upon first use, your DNS domain verification is not configured. The program will pop up the following DNS verification page.
At this time, you need to log in to the domain service provider's console to set up domain name resolution. Copy the host record and record value in the popup window, and add a CNAME record.
After configuring the DNS resolution, return to the client side.
Click the "Validate DNS" button.
Verification results show √ (due to DNS cache reasons, you may need to click the "Verify DNS" button multiple times for the checkmark to appear). Afterward, click the "Apply Certificate" button to start applying for the certificate.
Follow the prompt and do not close the program during the application process.
After click confirm,certificate status is shown as pending, and a few minutes later, the certificate is issued successfully and automatically configured into the domain. The display is as follows:
4.Automatic SSL Certificate Renewal
After you have correctly configured the secret key, the program will automatically generate a scheduled task at 10 o'clock in the morning. It will automatically check and renew the certificate at 10 o'clock every day when necessary (if the certificate is invalid or expires within 10 days).
After you have correctly configured the key, the program will automatically generate a scheduled task at 10 AM every morning. It will automatically check and renew the certificate if necessary (invalid or valid for less than 10 days).
Affected by cross-regional network issues, there may be delays in certificate issuance or renewal failures. Therefore, it is necessary to reserve 10 days for renewal to retry after a renewal failure.
The client also supports manual certificate application, which you can apply for manually when necessary.