自动从Let's Encrypt获取HTTPS证书 (Obtain HTTPS Certificate from Let's Encrypt)

Let’s Encrypt provides free SSL/TLS certificates to secure websites. Below are the steps to obtain a certificate using Certbot, the recommended ACME client.

Step 1: Install Certbot

Certbot is a tool that automates the process of obtaining and renewing certificates. Install it based on your operating system:

• Debian/Ubuntu:

sudo apt update
sudo apt install certbot

• Fedora: 

sudo dnf install certbot

 

For web servers like Apache or Nginx, install their respective plugins:

sudo apt install python3-certbot-apache # For Apache
sudo apt install python3-certbot-nginx # For Nginx

 

Step 2: Obtain the Certificate

Run Certbot to request a certificate. Choose the appropriate command based on your web server:

• For Apache:

sudo certbot --apache

• For Nginx:

sudo certbot --nginx

 

If no web server is running, use the standalone mode:

sudo certbot certonly --standalone --email your-email@example.com --agree-tos --no-eff-email -d yourdomain.com

Certbot will verify domain ownership using HTTP-01 or DNS-01 challenges and issue the certificate.

 

Step 3: Verify Installation

Certbot saves certificates in /etc/letsencrypt/live/yourdomain.com/. Verify the certificate files:

•  fullchain.pem : The certificate.

•  privkey.pem : The private key.

 

Step 4: Automate Renewal

Certbot automatically sets up a renewal task. To test renewal manually:

sudo certbot renew --dry-run

 

Tips

• Ensure port 80 (HTTP) or 443 (HTTPS) is open for validation.

• Use --non-interactive mode for automation in scripts.

• Check Let’s Encrypt documentation for advanced configurations.

By following these steps, you can secure your website with a free HTTPS certificate from Let’s Encrypt.

 

 

---

By Lyndon L.

C# / Python开发者, 专注: 上位机软件, .NET MAUI跨平台应用开发, 计算机视觉(人脸检测与识别, 车辆/人体检测, 车牌识别)