免费https? 官方安装教程:https://certbot.eff.org/#centos6-nginx (以下是说明安装时遇到的);
- 下载并修改文件权限
wget https://dl.eff.org/certbot-auto && chmod a+x certbot-auto
- 执行:
- ./certbot-auto --nginx certonly 或是 ./certbot-auto --nginx
报错:xx包........出错;请 yum update 更新一下;
报错:一般情况oneinstack 把nginx 没有安装在 /etc 目录:WARNING: unable to check for updates. Saving debug log to /var/log/letsencrypt/letsencrypt.log Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] open() "/etc/nginx/mime.types" failed (2: No such file or directory) in /etc/nginx/nginx.conf:15 nginx: configuration file /etc/nginx/nginx.conf test failed Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] open() "/etc/nginx/mime.types" failed (2: No such file or directory) in /etc/nginx/nginx.conf:15 nginx: configuration file /etc/nginx/nginx.conf test failed ',) The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] open() "/etc/nginx/mime.types" failed (2: No such file or directory) in /etc/nginx/nginx.conf:15 nginx: configuration file /etc/nginx/nginx.conf test failed ',)解决方案:执行:
/certbot-auto --nginx --nginx-server-root=/usr/local/nginx/conf
-
选择 7; 需要添加HTTPS的域名 -
选择2;全部使用HTTPS -
- ./certbot-auto --nginx certonly 或是 ./certbot-auto --nginx
- 完成;此时访问域名,便是https请求方式了。
- 默认免费证书时间是有限的。需要更新达到续签; (/root/certbot-auto 为本人 certbot 安装目录)
- 手动续签
/root/certbot-auto renew - 自动续签
执行:crontab -e
写入:每天零点到十二点更新一次;
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /root/certbot-auto renew也可以:30 2 * */2 * certbot renew –pre-hook “service nginx stop” –post-hook “service nginx start” —— 每隔两个月凌晨2:30更新:
- 续签完成:并显示过期时间 crontab -l 可查看任务详情;
- 手动续签
- -结束