11、certbot在Centos7.4配置Nginx的https簽名證書

1、certbot的官網(wǎng)地址

https://certbot.eff.org/

2、制作證書前的準(zhǔn)備:

需要有一個(gè)公網(wǎng)地址,并綁定合法域名

3、安裝依賴包

# yum install epel-release

4、以下忘記了(待整理,記得用snap安裝)

# cd /home/downloads

# wget https://dl.eff.org/certbot-auto --no-check-certificate

# chmod +x ./certbot-auto

# ./certbot-auto -n

yum install certbot-nginx

yum install snapd

sudo snap install core

sudo snap install --classic certbot

sudo dnf remove certbot

sudo ln -s /var/lib/snapd/snap /snap

sudo ln -s /snap/bin/certbot /usr/bin/certbot

sudo certbot certonly --nginx

sudo certbot certonly --nginx --nginx-server-root=/usr/local/nginx/conf

5、生成證書

# sudo certbot certonly --email laiguowei2004@163.com --agree-tos --no-eff-email --webroot -w /home/wwwroot/amzzm -d amzzm.com

* --webroot -w **:網(wǎng)站運(yùn)行的主目錄

-d: 網(wǎng)站域名

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator webroot, Installer None

Requesting a certificate for amzzm.com

Performing the following challenges:

http-01 challenge for amzzm.com

Using the webroot path /home/wwwroot/amzzm for all unmatched domains.

Waiting for verification...

Cleaning up challenges

IMPORTANT NOTES:

- Congratulations! Your certificate and chain have been saved at:

? /etc/letsencrypt/live/amzzm.com/fullchain.pem【公鑰文件,對(duì)應(yīng)nginx里的ssl_certificate】

? Your key file has been saved at:

? /etc/letsencrypt/live/amzzm.com/privkey.pem【私鑰文件,對(duì)應(yīng)nginx里的ssl_certificate_key】

? Your certificate will expire on 2021-04-27. To obtain a new or

? tweaked version of this certificate in the future, simply run

? certbot again. To non-interactively renew *all* of your

? certificates, run "certbot renew"

- If you like Certbot, please consider supporting our work by:

? Donating to ISRG / Let's Encrypt:? https://letsencrypt.org/donate

? Donating to EFF:? ? ? ? ? ? ? ? ? ? https://eff.org/donate-le

6、修改nginx配置

server {

??? listen 80;

??? listen 443 ssl;

??? ssl_certificate /etc/letsencrypt/live/amzzm.com/fullchain.pem;

??? ssl_certificate_key /etc/letsencrypt/live/amzzm.com/privkey.pem;

??? server_name amzzm.com www.amzzm.com;

??? root /home/amzzm.com/;

}

?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容