simple-acme · WouterTinus · Mar 16, 2026 · Jan 29, 2026 · Jan 29, 2026 · Jan 29, 2026
diff --git a/_includes/plugin-seperate.md → _includes/plugin-separate.md b/_includes/plugin-seperate.md → _includes/plugin-separate.md
@@ -5,7 +5,7 @@
         <p>To verify that the plugin is properly installed you can start the main executable 
 with <code>‑‑verbose</code> and it will print information about found and loaded plugins at 
 start up. When the plugin is loaded, it manifests itself as extra menu choices and
-command line parameters being made availalbe.</p>
+command line parameters being made available.</p>
     <div class="callout-block callout-block-warning pb-1 mt-3">
         <div class="content">
             <p>All releases published to third party package managers like Chocolatey and NuGet support plugins, but if you download simple-acme manually, you must choose a <code>pluggable</code> version instead of the <code>trimmed</code> one to use it.</p>

diff --git a/_layouts/plugin.html b/_layouts/plugin.html
@@ -70,7 +70,7 @@ <h2>Description</h2>
 {{content}}
 
 {% if plugin.external %}
-{% include plugin-seperate.md %}
+{% include plugin-separate.md %}
 {% endif %}
 
 {% if arguments == nil %}

diff --git a/manual/about/domain-validated.md b/manual/about/domain-validated.md
@@ -12,7 +12,7 @@ Here is the crux though: being in control of a domain is not always the same as
 
 Commercial providers "solve" this problem by also offering Organisation Validation (OV) certificates. This is the "more secure" and more expensive product that Let's Encrypt lacks and what most of the arguments against it boil down to. 
 
-OV certificates are technically identical to DV certificates - i.e. they offer same level of encryption - but they include additional meta data fields incidating who payed for them, guaranteed to be correct by the issuer. Theoretically this allows end users to make more informed decisions on whether to trust them or not. 
+OV certificates are technically identical to DV certificates - i.e. they offer same level of encryption - but they include additional meta data fields indicating who paid for them, guaranteed to be correct by the issuer. Theoretically this allows end users to make more informed decisions on whether to trust them or not. 
 
 The problem is that the number of users actually doing that rounds down to zero, because these extra fields don't show up anywhere near the regular browsing experience; users often need to click through multiple popups to get to it.
 

diff --git a/manual/advanced-use/examples/apache.md b/manual/advanced-use/examples/apache.md
@@ -84,7 +84,7 @@ if "%~1" == "" exit
 if not exist "%2" md "%2" >nul
 set certlist=%3-chain.pem,%3-key.pem
 echo Script running...
-for %%a in (%certlist%) do copy /y "%ProgramData%\simple-acme\%1\%%a" "%2\" >nul && echo. [INFO] Install %%a to Certificate Store in %2... OK || echo. [WARN] Install certificate %%a fieled!
+for %%a in (%certlist%) do copy /y "%ProgramData%\simple-acme\%1\%%a" "%2\" >nul && echo. [INFO] Install %%a to Certificate Store in %2... OK || echo. [WARN] Install certificate %%a failed!
 echo. [INFO] Restarting service...
 C:\Apache24\bin\httpd.exe -k restart
 echo. [INFO] Service restarted.

diff --git a/manual/advanced-use/global-validation.md b/manual/advanced-use/global-validation.md
@@ -31,8 +31,8 @@ You may use a `*` for a range of any characters and a `?` for any single charact
 example: the pattern `example.*` will match `example.net` and `example.com` (but not 
 `my.example.com`) and the pattern `?.example.com` will match `a.example.com` and
 `b.example.com` (but not `www.example.com`). Note that multiple patterns can be combined
-by comma seperating them.
-- A number incidating priority. Settings with a lower value for the priority will be 
+by comma separating them.
+- A number indicating priority. Settings with a lower value for the priority will be 
 processed first, e.g. priority 1 will take preference over priority 2. This is only 
 relevant when a hostname matches with multiple patterns.
 

diff --git a/manual/system-requirements.md b/manual/system-requirements.md
@@ -5,7 +5,7 @@
 Officially, Microsoft only supports Windows Server 2012 and higher
 for .NET 9.0, which this program builds and depends on. If you're stuck 
 on an older version of Windows (sorry), consider running the latest 
-version of simple-acme on a different machine and transfering the certificates 
+version of simple-acme on a different machine and transferring the certificates 
 over to the older machine using an installation script.
 
 If you absolutely must run on the older machine, you can use an older
@@ -33,7 +33,7 @@ Not all features of this program can work on older versions of IIS.
 Server Name Indication (SNI) is supported from IIS 8.0 (Windows Server 2012) and above. This feature allows you to have multiple HTTPS certificates on the same IP address. Without it, you can only configure a single certificate per IP address. If you want to have SSL for multiple sites with multiple domains with IIS 7.5 or lower all bound to the same IP address your choices are to either create a single certificate for all sites, or to use a wildcard certificate.
 
 #### Configuring the IP address
-When simple-acme creates the binding for a new certificate, it will bind the wildcard (*) IP address by default. In other words, incoming connections on all network interfaces will handeled using the certificate. You can customize this with the `‑‑sslipaddress` switch from the command line, or manually after simple-acme created the binding. On renewal, the program will preserve whatever setting is configured in IIS.
+When simple-acme creates the binding for a new certificate, it will bind the wildcard (*) IP address by default. In other words, incoming connections on all network interfaces will handled using the certificate. You can customize this with the `‑‑sslipaddress` switch from the command line, or manually after simple-acme created the binding. On renewal, the program will preserve whatever setting is configured in IIS.
 
 #### Wildcard bindings
 Wildcard bindings are only supported on IIS 10 (Windows Server 2016+). Wildcard 

diff --git a/manual/upgrading/to-v2.1.0.md b/manual/upgrading/to-v2.1.0.md
@@ -6,7 +6,7 @@ with some notable exceptions.
 
 Releases `2.1.4` and above will also ensure that there is an account for the 
 ACMEv2 server, so that an initial manual renewal is no longer required. 
-For fully unattended upgrades, you will therefor have to specify 
+For fully unattended upgrades, you will therefore have to specify 
 `‑‑import ‑‑emailaddress you@example.com ‑‑accepttos` on the command line so 
 that the account can be created without additional user input.
 

diff --git a/manual/validation-problems.md b/manual/validation-problems.md
@@ -50,7 +50,7 @@ select the `tlsserver` profile.
 
 ### Non-public domains
 Let's Encrypt can only be used to issue certificates for domains living on the
-public internet. Interal domains or Active Directory host names are therefor not
+public internet. Internal domains or Active Directory host names are therefore not
 possible to use.
 
 ## HTTP validation issues

diff --git a/reference/plugins/validation/dns/route53.md b/reference/plugins/validation/dns/route53.md
@@ -24,7 +24,7 @@ Create the record in Amazon AWS [Route53](https://aws.amazon.com/route53/). This
 
 ## IAM
 The IAM role method can only work from inside an EC2 instance. Note that the program
-expects to recieve an IAM role *name*, so not the full ARN.
+expects to receive an IAM role *name*, so not the full ARN.
 
 ## ARN
 The ARN role method can work from anywhere.
diff --git a/reference/plugins/validation/index.md b/reference/plugins/validation/index.md
@@ -11,7 +11,7 @@ A validation plugin is responsible for providing the ACME server with proof that
 challenge types, three of which are supported by simple-acme. For wildcard identifiers, only DNS-01 validation is accepted by Let's Encrypt.
 
 ## Supported challenge types
-The following challenge types are supported by simple-acme. Various plugins exist to automate handeling the challenge. E.g. the file required for HTTP-01 validation may be placed on the local filesystem or uploaded via FTP, and the DNS record required for DNS-01 validation may be created at different providers.
+The following challenge types are supported by simple-acme. Various plugins exist to automate handling the challenge. E.g. the file required for HTTP-01 validation may be placed on the local filesystem or uploaded via FTP, and the DNS record required for DNS-01 validation may be created at different providers.
 <div class="table-responsive my-4 me-5 pe-5">
     <table class="table table-striped">
         <tbody>

diff --git a/reference/plugins/validation/script.md b/reference/plugins/validation/script.md
@@ -81,7 +81,7 @@ You can use `‑‑validationscriptparallelism` to specify if your script suppor
         </thead>
         <tbody>
             <tr><td><code>0</code></td><td>Serial, default serial behaviour</td></tr>
-            <tr><td><code>1</code></td><td>Allow multiple validations to be prepared at the same time. Only do this when you are sure multiple instances of "prepare" running at the same time will not interfere with eachother. Typically difficult to achieve and therefor not recommended.</td></tr>
+            <tr><td><code>1</code></td><td>Allow multiple validations to be prepared at the same time. Only do this when you are sure multiple instances of "prepare" running at the same time will not interfere with each other. Typically difficult to achieve and therefore not recommended.</td></tr>
             <tr><td><code>2</code></td><td>Allow multiple validations to run at the same time. This is possible in theory with every method, but you must be sure that your script is non-destructive, e.g. it should not overwrite pre-existing records or files, nor delete more than what is specifically asked for</td></tr>
             <tr><td><code>3</code></td><td>Combination of 1 and 2</td></tr>
             </tbody></table></div>