HTTPS免费SSL证书自动续期永久使用
https://certbot.eff.org/ 到网站上选择你的SSL使用
wget https://dl.eff.org/certbot-auto
mv certbot-auto /usr/local/bin/certbot-auto
chown root /usr/local/bin/certbot-auto
chmod 0755 /usr/local/bin/certbot-auto
certbot-auto certonly --webroot -w /www/web/example.com/public_html -d example.com -d www.example.com
cd /etc/letsencrypt/live/example.com
fullchain.pem ->example.com.crt 改成你的域名证书名称
privkey.pem ->example.com.key 改成你的域名证书名称
-----------------------------------------------------------------------------------
server {
listen 80;
server_name example.com www.example.com; 这里修改为网站域名
rewrite ^(.*)$ https://$host$1 permanent;
index index.html index.php index.htm;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/letsencrypt/live/example.com.crt; 默认证书所在的路径
ssl_certificate_key /etc/letsencrypt/live/example.com.key; 默认证书所在的路径
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
server_name example.com www.example.com;
index index.html index.php index.htm;
}
-----------------------------------------------------------------------------------
crontab -e
0 3 1 * * /root/certbot-auto renew –renew-hook “/etc/init.d/nginx -s reload”
service crond restart
service crond on
-----------------------------------------------------------------------------------
版权声明:除非注明,本文由( chao )原创,转载请保留文章出处
本文链接:HTTPS免费SSL证书自动续期永久使用