爲website安裝免費的letsencrypt證書

Certbot官網：https://certbot.eff.org

1. 安裝certbot命令

wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto

2. 中止目標域名對應的apache服務

docker stop apache

3. 生成證書

sudo ./certbot-auto --standalone certonly -m jianboliu1@galaxyinternet.com  -d api.gwdatabank.com

查看

複製證書到apache的配置目錄中

4. 配置apache

Httpd.conf文件

LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-ssl.conf LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

extra/httpd-vhosts.conf文件

Listen 8002 <VirtualHost *:8002> ServerName api.gwdatabank.com     ServerAdmin webmaster@dummy-host.example.com     DocumentRoot "/home/work/local/apache2/htdocs/databank-api-rcv/public/"     SetEnv APPLICATION_ENV "production" 　 RewriteEngine on     RewriteCond %{SERVER_PORT} !^443$     RewriteRule ^(.*)?$ https://api.gwdatabank.com/$1 [L,R]     ErrorLog "logs/api-web-error_log"     CustomLog "logs/api-web-access_log" combined <Directory "/home/work/local/apache2/htdocs/databank-api-rcv/public/">     Options  FollowSymLinks     AllowOverride All     Require all granted </Directory> </VirtualHost>

extra/httpd-ssl.conf文件

Listen 8443 DocumentRoot "/home/work/local/apache2/htdocs/databank-api-rcv/public" ServerName api.gwdatabank.com:8443 SSLCertificateFile "/home/work/local/apache2/conf/api.gwdatabank.com/fullchain1.pem" SSLCertificateKeyFile "/home/work/local/apache2/conf/api.gwdatabank.com/privkey1.pem"

5. 啓動apache驗證

映射80->8002 ，443->8443 Docker start-docker-api.sh