centos 下安裝 Let’s Encrypt 永久免費 SSL 證書

時間  2019-11-07
標籤 centos 安裝 let encrypt 永久 免費 ssl 證書 欄目 CentOS 简体版
原文   原文鏈接

功能

  1. https證書,免費版,每三個月續簽一次,能夠用過腳本自動續簽

安裝

  1. ssh登陸到域名配置所在的主機(nginx,apache等)
  2. 安裝git yum -y install git
  3. 輸入 git clone https://github.com/letsencrypt/letsencrypt
  4. cd letsencrypt
  5. chmod +x letsencrypt-auto
  6. 安裝證書:
    • ./letsencrypt-auto certonly --email 86533019@qq.com -d jenkins.jetbrains.org.cn
    • d參數後面對應的是域名,在執行的過程當中,我遭遇了下面的報錯:
      `Total size: 44 M
      Downloading Packages:
      Running rpmcheckdebug
      ERROR with rpmcheckdebug vs depsolve:
      libgdbm.so.2()(64bit) is needed by python-libs-2.6.6-66.el68.x8664
      ** Found 7 pre-existing rpmdb problem(s), 'yum check' output follows:
      4:perl-5.10.1-141.el67.1.x8664 has missing requires of libgdbm.so.2()(64bit)
      4:perl-devel-5.10.1-141.el67.1.x8664 has missing requires of gdbm-devel
      polkit-0.96-5.el64.x8664 has missing requires of libeggdbus-1.so.0()(64bit)
      2:postfix-2.6.6-6.el65.x8664 has missing requires of libmysqlclient.so.16()(64bit)
      2:postfix-2.6.6-6.el65.x8664 has missing requires of libmysqlclient.so. 16(libmysqlclient_16)(64bit)
      2:postfix-2.6.6-6.el65.x8664 has missing requires of mysql-libs
      python-libs-2.6.6-52.el6.x86_64 has missing requires of libgdbm.so.2()(64bit)
      Your transaction was saved, rerun it with: yum load-transactiontmp/.yumsavetx-2017-04-07-22-1798AqLE.yumtx
      Could not install OS dependencies. Aborting bootstrap!`
    • centos 6 須要安裝 libgdbm.so.2:
      • wget http://mirror.centos.org/centos/6/os/x86_64/Packages/gdbm-1.8.0-39.el6.x86_64.rpm
        • yum localinstall gdbm-1.8.0-39.el6.x86_64.rpm 
* 完成後,從新執行上面的命令行:
![](https://user-gold-cdn.xitu.io/2019/10/5/16d9a32b288e99d4?w=1250&h=560&f=png&s=491855)
7. 即爲安裝完成
## 配置
    1. web服務器,爲這裏是nginx,在nginx中添加代碼:複製代碼
listen 443 ssl;
            ssl on;
            ssl_certificate /etc/letsencrypt/live/XXX.com/fullchain.pem;
            ssl_certificate_key /etc/letsencrypt/live/XXX.com/privkey.pem;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    2. 重啓nginx,就能夠放了https了
##續約
    1. linux中執行 crontab -e
    2. 添加代碼複製代碼
`06 06 * * * /www/web/test/lets/certbot-master/certbot-auto renew   --force-renewal   --pre-hook "/etc/init.d/nginx stop" --post-hook "/etc/init.d/nginx start" >> /www/web_logs/letsencry.log 2>&1` 
複製代碼

如但願瞭解更多,請關注微信公衆號
相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程