安装certbot
yum install -y certbot python3-certbot-nginx
获取证书
通过nginx获取证书
certbot certonly --nginx -d www.xxx.com
通过静态目录获取证书
certbot certonly --webroot -w /根目录地址 -d www.xxx.com
注:不加certonly会使certbot自动修改配置文件
配置证书
申请证书完成之后证书会存在在/etc/letsencrypt/live/目录
server {
listen 443 ssl;
server_name www.xxx.com;
root /vhosts/xxx/;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
ssl_certificate /etc/letsencrypt/live/www.xxx.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.xxx.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}常用命令
certbot certificates #可以查看证书的状态 certbot renew #证书到期30天前可以自动更新 certbot revoke #撤销证书 certbot delete #撤销后删除证书
本文链接:https://jeff.xin/post/138.html
--EOF--
Comments
发表评论:
◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。