时间:2022-08-22 20:24:01 | 来源:网站运营
时间:2022-08-22 20:24:01 来源:网站运营
原文:免费 Https 证书(Let's Encrypt)申请与配置$ git clone https://github.com/certbot/certbot$ cd certbot$ ./certbot-auto --help
解压打开执行就会有相关提示./certbot-auto certonly --webroot --agree-tos -v -t --email 邮箱地址 -w 网站根目录 -d 网站域名./certbot-auto certonly --webroot --agree-tos -v -t --email keeliizhou@gmail.com -w /path/to/your/web/root -d note.crazy4code.com
注意这里 默认会自动生成 /网站根目录/.well-known/acme-challenge,然后 shell 脚本会对应的访问 网站域名/.well-known/acme-challenge- Congratulations! Your certificate and chain have been saved at/etc/letsencrypt/live/网站域名/fullchain.pem...
openssl dhparam -out /etc/ssl/certs/dhparams.pem 2048
listen 443ssl on;ssl_certificate /etc/letsencrypt/live/网站域名/fullchain.pem;ssl_certificate_key /etc/letsencrypt/live/网站域名/privkey.pem;ssl_dhparam /etc/ssl/certs/dhparams.pem;ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers HIGH:!aNULL:!MD5;
然后重启 nginx 服务就可以了server { listen 80; server_name your.domain.com; return 301 https://$server_name$request_uri;}