- 按照自动设置工具
$ apt-get update
$ sudo apt-get install certbot
$ apt-get install python3-certbot-nginx
- 配置Nginx
/etc/nginx/conf.d
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
server_name example.com www.example.com;
}
- 更新配置
nginx -t && nginx -s reload
- 自动生成SSL并配置
$ sudo certbot --nginx -d example.com -d www.example.com
- 如果只生成证书可以用
sudo certbot certonly --nginx
- 出现下面消息代表配置成功
Congratulations! You have successfully enabled https://example.com and https://www.example.com
-------------------------------------------------------------------------------------
IMPORTANT NOTES:
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/example.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/example.com//privkey.pem
Your cert will expire on 2017-12-12.
- 查看更新后的配置文件
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
server_name example.com www.example.com;
listen 443 ssl; # managed by Certbot
# RSA certificate
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
- 到期自动更新设置
每天0点check是不是剩下30天期限,然后更新
crontab -e
0 12 * * * /usr/bin/certbot renew --quiet
每天成就一小步,积累下来就是一大步。
转发本文请注明出处,谢谢您的阅读与分享!
浙公网安备 33010602011771号
【推荐】100%开源!大型工业跨平台软件C++源码提供,建模,组态!
【推荐】2025 HarmonyOS 鸿蒙创新赛正式启动,百万大奖等你挑战
· 优雅求模,一致性哈希算法
· 解疑释惑 - 日志体系之 slf4j + logback 组合(一)
· 平滑加权轮询负载均衡的底层逻辑
· C# 13 与 .NET 9 跨平台开发实战 - 第一章
· DDD领域驱动设计的理解
· 《HelloGitHub》第 113 期
· Git提交错了,别慌!还有后悔药
· 开源一套Microsoft Office COM 组件的 .NET 封装
· ElasticSearch是什么?
· 优雅求模,一致性哈希算法