Acmesh
https://github.com/acmesh-official/acme.sh
Install Acmesh
curl https://get.acme.sh | sh -s email=my@example.com
Issue cert via DNS(NSD)
export Nsd_ZoneFile="/var/nsd/zones/master/master.zone"
export Nsd_Command="rcctl reload nsd"
cd /root/.acme.sh
./acme.sh --issue --server letsencrypt --dns dns_nsd -d "*.example.com"
It will also crate cron job to update cert
[Fri Sep 23 14:02:17 +07 2022] Your cert is in: /root/.acme.sh/*.example.com/*.example.com.cer
[Fri Sep 23 14:02:17 +07 2022] Your cert key is in: /root/.acme.sh/*.example.com/*.example.com.key
[Fri Sep 23 14:02:17 +07 2022] The intermediate CA cert is in: /root/.acme.sh/*.example.com/ca.cer
[Fri Sep 23 14:02:17 +07 2022] And the full chain certs is there: /root/.acme.sh/*.example.com/fullchain.cer