diff --git "a/Ops/\346\234\215\345\212\241\345\231\250\351\205\215\347\275\256.adoc" "b/Ops/\346\234\215\345\212\241\345\231\250\351\205\215\347\275\256.adoc"
index 54806addc7511a6f643027819ada77559bcfacf2..03380f3626622ce14e178fa1cf64cdb02531968a 100644
--- "a/Ops/\346\234\215\345\212\241\345\231\250\351\205\215\347\275\256.adoc"
+++ "b/Ops/\346\234\215\345\212\241\345\231\250\351\205\215\347\275\256.adoc"
@@ -106,3 +106,25 @@ nft list tables inet
 
 == Node.js è¿è¡Œæ—¶éƒ¨ç½²
 å‚è€ƒé“¾æŽ¥ï¼š<https://github.com/nodesource/distributions>
+
+== SSL é…ç½®
+
+[source, bash]
+----
+# ä¸‹è½½å¹¶å®‰è£… acme.sh
+# link: https://github.com/acmesh-official/acme.sh
+# my@example.com å¯ä»¥æ›¿æ¢ä¸ºè‡ªå·±çš„é‚®ç®±
+curl https://get.acme.sh | sh -s email=my@example.com
+
+# æ›´æ¢é»˜è®¤CA
+# link: https://github.com/acmesh-official/acme.sh/issues/4980
+acme.sh --set-default-ca --server letsencrypt
+
+# ç”³è¯·åŸŸå SSL è¯ä¹¦
+# link: https://github.com/acmesh-official/acme.sh/wiki/dnsapi
+export Namesilo_Key="<key>"
+acme.sh --issue --dns dns_namesilo -d example.com -d *.example.com --dnssleep 900
+
+# å®‰è£… SSL è¯ä¹¦
+acme.sh --install-cert -d example.com -d *.example.com --key-file /path/to/key.pem --fullchain-file /path/to/cert.pem --reloadcmd "service nginx force-reload"
+----