1. yum install certbot-nginx

  2. certbot certonly --register-unsafely-without-email --domains www.lgy-note.tk

  3. certbot renew
    三个月更新一次

  4. .nginx 编译 --prefix=/root/nginx --with-http_sub_module --with-http_v2_module --with-http_ssl_module

  5. server {

listen 0.0.0.0:443 ssl http2 default;

ssl on;

ssl_certificate /etc/letsencrypt/live/www.lgy-note.tk/fullchain.pem;

ssl_certificate_key /etc/letsencrypt/live/www.lgy-note.tk/privkey.pem;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

location / { root html; }

}

泛域名证书

wget https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh

sh acme.sh --issue -d *.lgy-note.tk -d lgy-note.tk --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please 添加dns记录

sh acme.sh --issue -d *.lgy-note.tk -d lgy-note.tk --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please --renew

results matching ""

    No results matching ""