Let's Encrypt?Certbot???

???????????????????????SSL???????Let's Encrypt?????SSL??? Certbot??????????????????????????????????SSL?????

1. ??Certbot

????????GitHub???Certbot????

sudo git clone https://github.com/certbot/certbot

2. Nginx????????

?Nginx?????????????ACME??????????

location ^~ /.well-known/acme-challenge/ {
    default_type "text/plain";
    root /opt/JAVA1024/CERT;
}
location = /.well-known/acme-challenge/ {
    return 404;
}

3. ??SSL??

?????????????????????????????

export DOMAINS="java1024.club,m.java1024.club"
export DIR=/opt/JAVA1024/CERT
sudo certbot certonly --server https://acme-v01.api.letsencrypt.org/directory \
    -a webroot --webroot-path=$DIR \
    -d $DOMAINS

4. Nginx SSL??

?Nginx???????SSL???

listen 443;
ssl_certificate /etc/letsencrypt/live/java1024.club/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/java1024.club/privkey.pem;

5. ???????

????SSL??????????????????????

#!/bin/sh
# ?????????Let's Encrypt??
if ! sudo /opt/letsencrypt/letsencrypt-auto renew > /var/log/letsencrypt/renew.log 2>&1; then
    echo "??????????????: cat /var/log/letsencrypt/renew.log"
    exit 1
fi
nginx -t && nginx -s reload

?????crontab?????

sudo crontab -e @daily /mnt/crontab_script/renew_certs.sh

6. ??????

????????????????????????

export DOMAINS="java1024.club,m.java1024.club,java1024.com"
export DIR=/opt/JAVA1024/CERT
sudo /opt/letsencrypt/letsencrypt-auto certonly --server https://acme-v01.api.letsencrypt.org/directory \
    -a webroot --webroot-path=$DIR \
    -d $DOMAINS

7. ?????

??????????Nginx???

nginx -s reload

??????????????Let's Encrypt SSL???????????????????????????????????????

上一篇：JQuery max-height的value不能为数值

下一篇：python登录接口测试问题记录与解决 ( 干货 )

发表评论

关于作者

喝酒易醉，品茶养心，人生如梦，品茶悟道，何以解忧？唯有杜康！

-- 愿君每日到此一游！