certbot生成证书

安装

yum install -y epel-release
yum clean all
yum makecache

yum -y install yum-utils
yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
yum -y install certbot python2-certbot-nginx

生成证书

# 80被墙,只能使用手动验证域名所有权
certbot certonly --manual --preferred-challenge dns -d www.your-domain.com

# 自动验证域名所有权
certbot certonly --standalone -d www.your-domain.com
Please deploy a DNS TXT record under the name
_acme-challenge.www.your-domain.com with the following value:
sB5AVgJfV3pb00t5gt_3Cli7Hxy8WQeIxEuN81mqvk4
Before continuing, verify the record is deployed.
# 加一条TXT到host records, host: "_acme-challenge.www",value: "sB5AVgJfV3pb00t5gt_3Cli7Hxy8WQeIxEuN81mqvk4"
# 回车
   Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/www.your-domain.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/www.your-domain.com/privkey.pem
   Your cert will expire on 2020-06-08. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"

你可能感兴趣的:(certbot生成证书)