Centos 6.8 下利用 letsencrypt.sh 脚本为 nginx 配置免费 https 证书
程序员文章站
2022-03-16 16:45:04
1、下载letsencrypt.sh
wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encryp...
1、下载letsencrypt.sh
wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.conf wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
2、修改letsencrypt.conf文件的参数
# vim letsencrypt.conf # only modify the values, key files will be generated automaticly. ACCOUNT_KEY="letsencrypt-account.key" DOMAIN_KEY="mtian.net.key" DOMAIN_DIR="/usr/local/nginx/html" #网站的根目录 DOMAINS="DNS:mtian.net,DNS:www.mtian.net" #你的网站域名,多个域名用,号分隔 #ECC=TRUE #LIGHTTPD=TRUE
3、执行文件,生成https所需要的ssl证书文件
添加执行权限并执行 # chmod +x letsencrypt.sh # ./letsencrypt.sh letsencrypt.conf 运行完成后会在当前目录生成如下文件 letsencrypt-account.key lets-encrypt-x3-cross-signed.pem mtian.csr letsencrypt.conf mtian.chained.crt mtian.net.key letsencrypt.sh mtian.crt
5、修改nginx配置文件,加入https
# vim /usr/local/nginx/conf/nginx.conf server { listen 443 ssl; server_name www.mtian.net; ssl on; ssl_certificate /usr/local/nginx/conf/mtian.chained.crt; ssl_certificate_key /usr/local/nginx/conf/mtian.net.key; location / { root html; index index.html index.htm; } }
6、复制letsencrypt.sh生成的mtian.chained.crt和mtian.net.key 件到 nginx.conf中指定的目录/usr/local/nginx/conf/
# cp mtian.chained.crt /usr/local/nginx/conf/ # cp mtian.net.key /usr/local/nginx/conf/
7、重启nginx
# service nginx restart Stopping nginx: [ OK ] Starting nginx: [ OK ]
上一篇: CSS3动画的基本使用(CSS3)
下一篇: Android手动释放Bitmap方法