Clean up readme.

README.md

@@ -1,21 +1,23 @@
 # An ACME Shell script: acme.sh [![Build Status](https://travis-ci.org/Neilpang/acme.sh.svg?branch=master)](https://travis-ci.org/Neilpang/acme.sh)
 - An ACME protocol client written purely in Shell (Unix shell) language.
-- Fully ACME protocol implementation.
+- Full ACME protocol implementation.
-- Simple, powerful and very easy to use. You only need 3 minutes to learn.
+- Simple, powerful and very easy to use. You only need 3 minutes to learn it.
-- Bash, dash and sh compatible. 
+- Bash, dash and sh compatible.
 - Simplest shell script for Let's Encrypt free certificate client.
-- Purely written in Shell with no dependencies on python or Let's Encrypt official client.
+- Purely written in Shell with no dependencies on python or the official Let's Encrypt client.
-- Just one script, to issue, renew and install your certificates automatically.
+- Just one script to issue, renew and install your certificates automatically.
 - DOES NOT require `root/sudoer` access.
 
 It's probably the `easiest&smallest&smartest` shell script to automatically issue & renew the free certificates from Let's Encrypt.
 
-
 Wiki: https://github.com/Neilpang/acme.sh/wiki
 
+
 # [中文说明](https://github.com/Neilpang/acme.sh/wiki/%E8%AF%B4%E6%98%8E)
 
-#Tested OS
+
+# Tested OS
+
 | NO | Status| Platform|
 |----|-------|---------|
 |1|[![](https://cdn.rawgit.com/Neilpang/acmetest/master/status/ubuntu-latest.svg)](https://github.com/Neilpang/letest#here-are-the-latest-status)| Ubuntu
@@ -38,41 +40,39 @@ Wiki: https://github.com/Neilpang/acme.sh/wiki
 |18|[![](https://cdn.rawgit.com/Neilpang/acmetest/master/status/solaris.svg)](https://github.com/Neilpang/letest#here-are-the-latest-status)|SunOS/Solaris
 |19|[![](https://cdn.rawgit.com/Neilpang/acmetest/master/status/gentoo-stage3-amd64.svg)](https://github.com/Neilpang/letest#here-are-the-latest-status)|Gentoo Linux
 
-For all build statuses, check our [daily build project](https://github.com/Neilpang/acmetest): 
+For all build statuses, check our [daily build project](https://github.com/Neilpang/acmetest):
 
 https://github.com/Neilpang/acmetest
 
-# Supported Mode
 
-1. Webroot mode
+# Supported modes
-2. Standalone mode
-3. Apache mode
-4. Dns mode
 
+- Webroot mode
+- Standalone mode
+- Apache mode
+- DNS mode
 
 
 # 1. How to install
 
-### 1. Install online:
+### 1. Install online
 
 Check this project: https://github.com/Neilpang/get.acme.sh
 
 ```bash
 curl https://get.acme.sh | sh
-
 ```
 
 Or:
 
 ```bash
 wget -O -  https://get.acme.sh | sh
-
 ```
 
 
-### 2. Or, Install from git:
+### 2. Or, Install from git
 
-Clone this project: 
+Clone this project and launch installation:
 
 ```bash
 git clone https://github.com/Neilpang/acme.sh.git
@@ -82,14 +82,14 @@ cd ./acme.sh
 
 You `don't have to be root` then, although `it is recommended`.
 
-Advanced Installation:  https://github.com/Neilpang/acme.sh/wiki/How-to-install
+Advanced Installation: https://github.com/Neilpang/acme.sh/wiki/How-to-install
 
 The installer will perform 3 actions:
 
-1. Create and copy `acme.sh` to your home dir (`$HOME`):  `~/.acme.sh/`.
+1. Create and copy `acme.sh` to your home dir (`$HOME`): `~/.acme.sh/`.
-All certs will be placed in this folder.
+All certs will be placed in this folder too.
-2. Create alias for: `acme.sh=~/.acme.sh/acme.sh`. 
+2. Create alias for: `acme.sh=~/.acme.sh/acme.sh`.
-3. Create everyday cron job to check and renew the cert if needed.
+3. Create daily cron job to check and renew the certs if needed.
 
 Cron entry example:
 
@@ -97,18 +97,17 @@ Cron entry example:
 0 0 * * * "/home/user/.acme.sh"/acme.sh --cron --home "/home/user/.acme.sh" > /dev/null
 ```
 
-After the installation, you must close current terminal and reopen again to make the alias take effect.
+After the installation, you must close the current terminal and reopen it to make the alias take effect.
+
+Ok, you are ready to issue certs now.
 
-Ok, you are ready to issue cert now.
 Show help message:
 
 ```
-
 root@v1:~# acme.sh -h
-
 ```
- 
+
-# 2. Just issue a cert:
+# 2. Just issue a cert
 
 **Example 1:** Single domain.
 
@@ -119,56 +118,57 @@ acme.sh --issue -d example.com -w /home/wwwroot/example.com
 **Example 2:** Multiple domains in the same cert.
 
 ```bash
-acme.sh --issue -d example.com -d www.example.com -d cp.example.com -w /home/wwwroot/example.com 
+acme.sh --issue -d example.com -d www.example.com -d cp.example.com -w /home/wwwroot/example.com
 ```
 
 The parameter `/home/wwwroot/example.com` is the web root folder. You **MUST** have `write access` to this folder.
 
-Second argument **"example.com"** is the main domain you want to issue cert for.
+Second argument **"example.com"** is the main domain you want to issue the cert for.
-You must have at least a domain there.
+You must have at least one domain there.
 
 You must point and bind all the domains to the same webroot dir: `/home/wwwroot/example.com`.
 
-Generate/issued certs will be placed in `~/.acme.sh/example.com/`
+Generated/issued certs will be placed in `~/.acme.sh/example.com/`
 
-The issued cert will be renewed every **60** days automatically.
+The issued cert will be renewed automatically every **60** days.
 
 More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
 
 
-# 3. Install the issued cert to apache/nginx etc.
+# 3. Install the issued cert to Apache/Nginx etc.
 
-After you issue a cert, you probably want to install/copy the cert to your nginx/apache or other servers. 
+After you issue a cert, you probably want to install/copy the cert to your Apache/Nginx or other servers.
-You **MUST** use this command to copy the certs to the target files,  **Do NOT** use the certs files in **.acme.sh/** folder, they are for internal use only, the folder structure may change in future.
+You **MUST** use this command to copy the certs to the target files, **DO NOT** use the certs files in **~/.acme.sh/** folder, they are for internal use only, the folder structure may change in the future.
 
-**nginx** example
+**Apache** example:
 ```bash
 acme.sh --installcert -d example.com \
---keypath  /path/to/keyfile/in/nginx/key.pem  \
+--certpath      /path/to/certfile/in/apache/cert.pem  \
---fullchainpath path/to/fullchain/nginx/cert.pem \
+--keypath       /path/to/keyfile/in/apache/key.pem  \
---reloadcmd  "service nginx restart"
+--fullchainpath /path/to/fullchain/certfile/apache/fullchain.pem \
+--reloadcmd     "service apache2 restart"
 ```
 
-**apache** example
+**Nginx** example:
 ```bash
 acme.sh --installcert -d example.com \
---certpath /path/to/certfile/in/apache/cert.pem  \
+--keypath       /path/to/keyfile/in/nginx/key.pem  \
---keypath  /path/to/keyfile/in/apache/key.pem  \
+--fullchainpath /path/to/fullchain/nginx/cert.pem \
---fullchainpath path/to/fullchain/certfile/apache/fullchain.pem \
+--reloadcmd     "service nginx restart"
---reloadcmd  "service apache2 restart"
 ```
 
 Only the domain is required, all the other parameters are optional.
 
-Install/copy the issued cert/key to the production apache or nginx path.
+Install/copy the issued cert/key to the production Apache or Nginx path.
+
+The cert will be `renewed every **60** days by default` (which is configurable). Once the cert is renewed, the Apache/Nginx service will be restarted automatically by the command: `service apache2 restart` or `service nginx restart`.
 
-The cert will be `renewed every **60** days by default` (which is configurable). Once the cert is renewed, the apache/nginx will be automatically reloaded by the command: `service apache2 reload` or `service nginx reload`.
 
 # 4. Use Standalone server to issue cert
 
-**(requires you be root/sudoer, or you have permission to listen tcp 80 port)**
+**(requires you to be root/sudoer or have permission to listen on port 80 (TCP))**
 
-The tcp `80` port **MUST** be free to listen, otherwise you will be prompted to free the `80` port and try again.
+Port `80` (TCP) **MUST** be free to listen on, otherwise you will be prompted to free it and try again.
 
 ```bash
 acme.sh --issue --standalone -d example.com -d www.example.com -d cp.example.com
@@ -176,13 +176,14 @@ acme.sh --issue --standalone -d example.com -d www.example.com -d cp.example.com
 
 More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
 
-# 5. Use Standalone tls server to issue cert
 
-**(requires you be root/sudoer, or you have permission to listen tcp 443 port)**
+# 5. Use Standalone TLS server to issue cert
+
+**(requires you to be root/sudoer or have permission to listen on port 443 (TCP))**
 
 acme.sh supports `tls-sni-01` validation.
 
-The tcp `443` port **MUST** be free to listen, otherwise you will be prompted to free the `443` port and try again.
+Port `443` (TCP) **MUST** be free to listen on, otherwise you will be prompted to free it and try again.
 
 ```bash
 acme.sh --issue --tls -d example.com -d www.example.com -d cp.example.com
@@ -190,31 +191,33 @@ acme.sh --issue --tls -d example.com -d www.example.com -d cp.example.com
 
 More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
 
+
 # 6. Use Apache mode
 
-**(requires you be root/sudoer, since it is required to interact with apache server)**
+**(requires you to be root/sudoer, since it is required to interact with Apache server)**
 
-If you are running a web server, apache or nginx, it is recommended to use the `Webroot mode`.
+If you are running a web server, Apache or Nginx, it is recommended to use the `Webroot mode`.
 
-Particularly, if you are running an apache server, you should use apache mode instead. This mode doesn't write any files to your web root folder.
+Particularly, if you are running an Apache server, you should use Apache mode instead. This mode doesn't write any files to your web root folder.
 
-Just set string "apache" as the second argument, it will force use of apache plugin automatically.
+Just set string "apache" as the second argument and it will force use of apache plugin automatically.
 
 ```
-acme.sh --issue --apache -d example.com -d www.example.com -d user.example.com
+acme.sh --issue --apache -d example.com -d www.example.com -d cp.example.com
 ```
 
 More examples: https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert
 
+
 # 7. Use DNS mode:
 
 Support the `dns-01` challenge.
 
 ```bash
-acme.sh --issue --dns -d example.com -d www.example.com -d user.example.com
+acme.sh --issue --dns -d example.com -d www.example.com -d cp.example.com
 ```
 
-You should get the output like below:
+You should get an output like below:
 
 ```
 Add the following txt record:
@@ -226,7 +229,6 @@ Domain:_acme-challenge.www.example.com
 Txt value:9ihDbjxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
 Please add those txt records to the domains. Waiting for the dns to take effect.
-
 ```
 
 Then just rerun with `renew` argument:
@@ -237,53 +239,54 @@ acme.sh --renew -d example.com
 
 Ok, it's finished.
 
+
 # 8. Automatic DNS API integration
 
-If your DNS provider supports API access, we can use API to automatically issue the certs.
+If your DNS provider supports API access, we can use that API to automatically issue the certs.
 
-You don't have do anything manually!
+You don't have to do anything manually!
 
 ### Currently acme.sh supports:
 
-1. Cloudflare.com API
+- CloudFlare.com API
-2. Dnspod.cn API
+- DNSPod.cn API
-3. Cloudxns.com API
+- CloudXNS.com API
-4. Godaddy.com API
+- GoDaddy.com API
-5. OVH, kimsufi, soyoustart and runabove API
+- OVH, kimsufi, soyoustart and runabove API
-6. AWS Route 53, see: https://github.com/Neilpang/acme.sh/issues/65
+- AWS Route 53, see: https://github.com/Neilpang/acme.sh/issues/65
-7. PowerDNS API
+- PowerDNS.com API
-8. lexicon dns api: https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api
+- lexicon DNS API: https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api
-   (DigitalOcean, DNSimple, DnsMadeEasy, DNSPark, EasyDNS, Namesilo, NS1, PointHQ, Rage4 and Vultr etc.)
+   (DigitalOcean, DNSimple, DNSMadeEasy, DNSPark, EasyDNS, Namesilo, NS1, PointHQ, Rage4 and Vultr etc.)
-9. LuaDNS.com API
+- LuaDNS.com API
-10. DNSMadeEasy.com API
+- DNSMadeEasy.com API
-11. nsupdate
 
-##### More APIs are coming soon...
+**More APIs coming soon...**
 
-If your DNS provider is not on the supported list above, you can write your own script API easily. If you do please consider submitting a [Pull Request](https://github.com/Neilpang/acme.sh/pulls) and contribute to the project.
+If your DNS provider is not on the supported list above, you can write your own DNS API script easily. If you do, please consider submitting a [Pull Request](https://github.com/Neilpang/acme.sh/pulls) and contribute it to the project.
 
-For more details: [How to use dns api](dnsapi)
+For more details: [How to use DNS API](dnsapi)
 
-# 9. Issue ECC certificate:
 
-`Let's Encrypt` now can issue **ECDSA** certificates.
+# 9. Issue ECC certificates
 
-And we also support it.
+`Let's Encrypt` can now issue **ECDSA** certificates.
+
+And we support them too!
 
 Just set the `length` parameter with a prefix `ec-`.
 
 For example:
 
-### Single domain ECC cerfiticate:
+### Single domain ECC cerfiticate
 
 ```bash
-acme.sh --issue -w /home/wwwroot/example.com -d example.com --keylength  ec-256
+acme.sh --issue -w /home/wwwroot/example.com -d example.com --keylength ec-256
 ```
 
-SAN multi domain ECC certificate:
+### SAN multi domain ECC certificate
 
 ```bash
-acme.sh --issue -w /home/wwwroot/example.com -d example.com -d www.example.com --keylength  ec-256
+acme.sh --issue -w /home/wwwroot/example.com -d example.com -d www.example.com --keylength ec-256
 ```
 
 Please look at the last parameter above.
@@ -295,40 +298,48 @@ Valid values are:
 3. **ec-521 (secp521r1,  "ECDSA P-521", which is not supported by Let's Encrypt yet.)**
 
 
-# 10. How to renew the cert
+# 10. How to renew the issued certs
 
-No, you don't need to renew the certs manually.  All the certs will be renewed automatically every **60** days.
+No, you don't need to renew the certs manually. All the certs will be renewed automatically every **60** days.
 
 However, you can also force to renew any cert:
 
 ```
-acme.sh --renew  -d  example.com --force
+acme.sh --renew -d example.com --force
 ```
 
 or, for ECC cert:
+
 ```
-acme.sh --renew  -d  example.com  --force --ecc
+acme.sh --renew -d example.com --force --ecc
 ```
 
+
 # 11. How to upgrade `acme.sh`
-acme.sh is in developing, it's strongly recommended to use the latest code.
+
+acme.sh is in constant developement, so it's strongly recommended to use the latest code.
 
 You can update acme.sh to the latest code:
+
 ```
 acme.sh --upgrade
 ```
 
-You can enable auto upgrade:
+You can also enable auto upgrade:
+
 ```
-acme.sh  --upgrade  --auto-upgrade
+acme.sh --upgrade --auto-upgrade
 ```
-Then **acme.sh** will keep up to date automatically.
+
+Then **acme.sh** will be kept up to date automatically.
 
 Disable auto upgrade:
+
 ```
-acme.sh  --upgrade  --auto-upgrade 0
+acme.sh --upgrade --auto-upgrade 0
 ```
 
+
 # 12. Issue a cert from an existing CSR
 
 https://github.com/Neilpang/acme.sh/wiki/Issue-a-cert-from-existing-CSR
@@ -340,22 +351,25 @@ Speak ACME language using shell, directly to "Let's Encrypt".
 
 TODO:
 
-# Acknowledgment
+
+# Acknowledgments
+
 1. Acme-tiny: https://github.com/diafygi/acme-tiny
 2. ACME protocol: https://github.com/ietf-wg-acme/acme
 3. Certbot: https://github.com/certbot/certbot
 
+
 # License & Others
 
 License is GPLv3
 
 Please Star and Fork me.
 
-[Issues](https://github.com/Neilpang/acme.sh/issues) and [pull requests](https://github.com/Neilpang/acme.sh/pulls) are welcomed.
+[Issues](https://github.com/Neilpang/acme.sh/issues) and [pull requests](https://github.com/Neilpang/acme.sh/pulls) are welcome.
 
 
 # Donate
-1. PayPal:  donate@acme.sh
+
+1. PayPal: donate@acme.sh
 
 [Donate List](https://github.com/Neilpang/acme.sh/wiki/Donate-list)
-