温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

如何在centos下安装Let’s Encrypt永久免费SSL证书

发布时间:2021-06-26 14:20:05 来源:亿速云 阅读:201 作者:chen 栏目:大数据

这篇文章主要讲解了“如何在centos下安装Let’s Encrypt永久免费SSL证书”,文中的讲解内容简单清晰,易于学习与理解,下面请大家跟着小编的思路慢慢深入,一起来研究和学习“如何在centos下安装Let’s Encrypt永久免费SSL证书”吧!

功能

  1. https证书,免费版,每三个月续签一次,可以用过脚本自动续签

安装

  1. ssh登录到域名配置所在的主机(nginx,apache等)

  2. 安装git yum -y install git

  3. 输入 git clone https://github.com/letsencrypt/letsencrypt

  4. cd letsencrypt

  5. chmod +x letsencrypt-auto

  6. 安装证书:

    • wget http://mirror.centos.org/centos/6/os/x86_64/Packages/gdbm-1.8.0-39.el6.x86_64.rpm

    • yum localinstall gdbm-1.8.0-39.el6.x86_64.rpm

    • ./letsencrypt-auto certonly --email 86533019@qq.com -d jenkins.jetbrains.org.cn

    • d参数后面对应的是域名,在执行的过程中,我遭遇了下面的报错: Total size: 44 M Downloading Packages: Running rpm_check_debug ERROR with rpm_check_debug vs depsolve: libgdbm.so.2()(64bit) is needed by python-libs-2.6.6-66.el6_8.x86_64 ** Found 7 pre-existing rpmdb problem(s), 'yum check' output follows: 4:perl-5.10.1-141.el6_7.1.x86_64 has missing requires of libgdbm.so.2()(64bit) 4:perl-devel-5.10.1-141.el6_7.1.x86_64 has missing requires of gdbm-devel polkit-0.96-5.el6_4.x86_64 has missing requires of libeggdbus-1.so.0()(64bit) 2:postfix-2.6.6-6.el6_5.x86_64 has missing requires of libmysqlclient.so.16()(64bit) 2:postfix-2.6.6-6.el6_5.x86_64 has missing requires of libmysqlclient.so. 16(libmysqlclient_16)(64bit) 2:postfix-2.6.6-6.el6_5.x86_64 has missing requires of mysql-libs python-libs-2.6.6-52.el6.x86_64 has missing requires of libgdbm.so.2()(64bit) Your transaction was saved, rerun it with: yum load-transactiontmp/.yum_save_tx-2017-04-07-22-1798AqLE.yumtx Could not install OS dependencies. Aborting bootstrap!

    • centos 6 需要安装 libgdbm.so.2:

    • 完成后,重新执行上面的命令行: 如何在centos下安装Let’s Encrypt永久免费SSL证书

  7. 即为安装完成

配置

1. web服务器,为这里是nginx,在nginx中添加代码:

        listen 443 ssl;
        ssl on;
        ssl_certificate /etc/letsencrypt/live/XXX.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/XXX.com/privkey.pem;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
2. 重启nginx,就可以放了https了

##续约 1. linux中执行 crontab -e 2. 添加代码

   `06 06 * * * /www/web/test/lets/certbot-master/certbot-auto renew   --force-renewal   --pre-hook "/etc/init.d/nginx stop" --post-hook "/etc/init.d/nginx start" >> /www/web_logs/letsencry.log 2>&1`

感谢各位的阅读,以上就是“如何在centos下安装Let’s Encrypt永久免费SSL证书”的内容了,经过本文的学习后,相信大家对如何在centos下安装Let’s Encrypt永久免费SSL证书这一问题有了更深刻的体会,具体使用情况还需要大家实践验证。这里是亿速云,小编将为大家推送更多相关知识点的文章,欢迎关注!

向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI