Acris / docker-shadowsocks-libev

Build a docker image for shadowsocks-libev with v2ray-plugin, based on Alpine Linux.
https://hub.docker.com/r/acrisliu/shadowsocks-libev/
MIT License

Support Acme.sh ECC certificate #4

Closed gadget1999 closed 5 years ago

gadget1999 commented 5 years ago

Since ECC certificates are more secure, is it possible to support Acme.sh created ECC certificates? These certificates can be created like below, and are located in the domain.com_ecc folder; everything else is the same as regular RSA certificates.

    acme.sh --issue --keylength ec-384 -d domain.com --standalone

Thanks!

Acris commented 5 years ago

The v2ray plugin can work normally with ECC certificates. Make sure the cert path is /root/.acme.sh/yourdomain.com_ecc/fullchain.cer.

gadget1999 commented 5 years ago

Looks like the issue is the behavior of the v2ray plugin (it only reads the domain.com folder by default, not the _ecc folder). This is not something the Dockerfile should handle. I can get it working by specifying the cert and key options for v2ray-opts, like below:

    server;mode=quic;host=yourdomain.com;cert=/root/.acme.sh/yourdomain.com_ecc/fullchain.cer;key=/root/.acme.sh/yourdomain.com_ecc/yourdomain.com.key

Thanks a lot for your help! Closing this issue now.

gadget1999 commented 5 years ago

It seems the docker image was updated today and the custom cert path no longer works after this. (But it seems the Dockerfile on GitHub was not changed?)

The V2RAY options used:

    server;mode=quic;host=yourdomain.com;path=/v2ray;cert=/root/.acme.sh/yourdomain.com/yourdomain.com.cer;key=/root/.acme.sh/yourdomain.com/yourdomain.com.key

Then it reports the following error (even though the file does exist and is the same as before):

    2019/07/20 20:42:48 main: failed to parse config > main: failed to read cert > open /root/.acme.sh/yourdomain.com/yourdomain.com.cer: no such file or directory

The default option without specifying the cert/key path still works though.

gadget1999 commented 5 years ago

Sorry, it's kind of strange. Now it's working again.

gadget1999 commented 5 years ago

Some update: found that the issue was caused by a dumb mistake: the path to the certificate was using the host path; it should have used the mapped path within the container.
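
The failure in the last comments (a cert= path that exists on the host but not inside the container) can be caught before the plugin starts. The script below is an added example, not part of the thread or the project: it pulls cert= and key= out of an options string, checks that both resolve in the current filesystem, and flags a private key that is accessible to group/other. The function names and the temporary demo directory are assumptions.

```sh
#!/bin/sh
# Added example: pre-flight check for the cert= and key= paths in a
# v2ray-plugin options string. Run it where the plugin runs (inside the
# container), so the paths are resolved against the container's filesystem.

# opt_value OPTS NAME: print the value of NAME from a ';'-separated string.
opt_value() {
    printf '%s\n' "$1" | tr ';' '\n' | sed -n "s/^$2=//p" | head -n 1
}

# check_tls_paths OPTS: return 0 if every cert/key path that is set points
# to a readable file and the key is not group/world accessible, else 1.
check_tls_paths() {
    rc=0
    for name in cert key; do
        path=$(opt_value "$1" "$name")
        if [ -z "$path" ]; then
            echo "$name: not set, the plugin will use its default location"
        elif [ ! -f "$path" ] || [ ! -r "$path" ]; then
            echo "$name: $path is not a readable file in this filesystem"
            rc=1
        elif [ "$name" = key ]; then
            # Characters 5-10 of the mode string are the group/other bits.
            mode=$(ls -ld "$path" | cut -c5-10)
            if [ "$mode" != "------" ]; then
                echo "key: $path is accessible to group/other ($mode)"
                rc=1
            fi
        fi
    done
    return "$rc"
}

# Constructed demo: a temporary directory stands in for the mapped
# /root/.acme.sh volume, with empty placeholder files (contents are not
# validated); the domain name is the thread's placeholder.
demo=$(mktemp -d)
ecc="$demo/yourdomain.com_ecc"
mkdir "$ecc"
: > "$ecc/fullchain.cer"
: > "$ecc/yourdomain.com.key"
chmod 600 "$ecc/yourdomain.com.key"
check_tls_paths "server;mode=quic;host=yourdomain.com;cert=$ecc/fullchain.cer;key=$ecc/yourdomain.com.key" \
    && echo "paths OK"
rm -rf "$demo"
```

Run on the host, the same check can pass for a path the container cannot see, so it is only meaningful when executed in the container's own filesystem.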