当前位置：网站首页>Free SSL certificate acquisition tutorial

Free SSL certificate acquisition tutorial

2022-06-25 08:11:00 【On procedural retreat】

Use Certbot Free access https certificate ：

Environmental Science ：centOS6.8 64 position 、nginx already installed

Method ：CentOS 5 Because python The version is too low to use ,CentOS 6 You need to install epel Talent

One . If it is CentOS 6、7, Execute first ：yum install epel-release

1. First check whether the system is installed epel-release

[[email protected] ~]  
# rpm -q epel-release  
package epel-release is not installed

2. install EPEL

32 position ：http://mirrors.ustc.edu.cn/fedora/epel/6/i386/epel-release-6-8.noarch.rpm
64 position ：http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm

[[email protected] ~]# rpm -ivh http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm  
Retrieving http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm  
Preparing...                ########################################### [100%]  
   1:epel-release           ########################################### [100%]

#2.1 Installation successful

[[email protected] ~]# rpm -q epel-release  
epel-release-6-8.noarch

#2.2 View the attached software files

[[email protected] ~]# rpm -qR epel-release    
/bin/sh    
/bin/sh    
config(epel-release) = 6-8  
redhat-release >= 6  
rpmlib(CompressedFileNames) <= 3.0.4-1  
rpmlib(FileDigests) <= 4.6.0-1  
rpmlib(PayloadFilesHavePrefix) <= 4.0-1  
rpmlib(PayloadIsXz) <= 5.2-1

#2.3 uninstall

[[email protected] ~]# rpm -e epel-release  
warning: /etc/yum.repos.d/epel.repo saved as /etc/yum.repos.d/epel.repo.rpmsave

Two . install Certbot-auto

1、 obtain Certbot client

wget https://dl.eff.org/certbot-auto
chmod a+x ./certbot-auto
./certbot-auto --help

2、 stop it nginx

service nginx stop

3、 Generate Certificate

./certbot-auto certonly --standalone --email [email protected] --  agree-tos -d zdw.me -d www.zdw.me -d service.zdw.me

4、 View the generated certificate

ls /etc/letsencrypt/live/

5、 stay nginx Configure certificate

# Certificate location 
ssl_certificate /etc/letsencrypt/live/cdw.me/fullchain.pem;
#  Private key location 
ssl_certificate_key /etc/letsencrypt/live/cdw.me/privkey.pem;

6、 start-up nginx