其他分享
首页 > 其他分享> > cerbot 生成泛域名证书

cerbot 生成泛域名证书

作者:互联网

cerbot 生成泛域名证书 链接1 https://blog.csdn.net/AlistairEd/article/details/113804554 https://blog.csdn.net/weixin_34310322/article/details/116889089 https://www.jianshu.com/p/1eb7060c5ede?utm_campaign=maleskine&utm_content=note&utm_medium=seo_notes&utm_source=recommendation     1 添加EPEL repository后,进行Snapd的安装 yum install snapd #安装这个进行Snapd的安装 ln -s /var/lib/snapd/snap /snap #创建软连接 2 安装后,需要启用管理snap通信套接字的systemd unit systemctl enable --now snapd.socket 3 安装Certbot snap install --classic certbot 4 配置Certbot命令行 ln -s /snap/bin/certbot /usr/bin/certbot #执行如下命令以确保Certbot命令行可用 5 泛域名证书   certbot certonly --preferred-challenges dns --manual -d *.bysir.cn --server https://acme-v02.api.letsencrypt.org/directory 讲解下参数:   敲下回车: ------------------------------------------------------------------------------- NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you're running certbot in manual mode on a machine that is not your server, please ensure you're okay with that. Are you OK with your IP being logged? ------------------------------------------------------------------------------- (Y)es/(N)o: y     ------------------------------------------------------------------------------- Please deploy a DNS TXT record under the name _acme-challenge.bysir.cn with the following value: cuAVEgl69tzimaIm2ncIEIVeMLYnzw05JohSdXuAOAA Before continuing, verify the record is deployed. ------------------------------------------------------------------------------- Press Enter to Continue   注意这一步需要手动配置TXT记录, 在域名解析服务商添加一个泛解析就可以了, 设置好了再敲下回车. 最后就会将生成好的证书保存到本地.       6 运行Certbot(二选一)  certbot --nginx #运行此命令获取证书,并让Certbot自动编辑Nginx配置以提供服务,只需一步即可打开HTTPS访问 7 自动续期 Certbot包带有cron作业或systemd计时器,它将在证书过期之前自动续订证书。除非更改配置,否则不需要再次运行Certbot。通过运行以下命令,可以测试证书的自动续订 sudo certbot renew --dry-run renew的命令被配置到以下位置中的一个: /etc/crontab/ /etc/cron.*/* systemctl list-timers  

标签:证书,--,域名,Certbot,https,snap,certbot,cerbot
来源: https://www.cnblogs.com/gaosai/p/15125673.html