CentOS环境通过letsencrypt生成https证书

https://letsencrypt.org/
https://certbot.eff.org/
参考:https://www.cnblogs.com/stulzq/p/8628163.html
https://www.jianshu.com/p/c5c9d071e395
https://zning.me/15424636102403.html

wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
./certbot-auto certonly  -d 你的域名 -d *.你的域名 --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory
./certbot-auto renew  --manual --preferred-challenges dns --manual-auth-hook "/root/certbot-letencrypt-wildcardcertificates-alydns-au/au.sh python aly add" --manual-cleanup-hook "/root/certbot-letencrypt-wildcardcertificates-alydns-au/au.sh python aly clean" --manual-public-ip-logging-ok
 ln -snf ../../archive/millcloud.cn/cert2.pem cert.pem 
 ln -snf ../../archive/millcloud.cn/chain2.pem chain.pem 
 ln -snf ../../archive/millcloud.cn/fullchain2.pem fullchain.pem 
 ln -snf ../../archive/millcloud.cn/privkey2.pem privkey.pem

通配符证书自动续期

https://github.com/ywdblog/certbot-letencrypt-wildcardcertificates-alydns-au/blob/master/README.md

续期证书

#使用python,--force-renewa 强制更新
/root/certbot-auto renew --force-renewal --cert-name xxx.cn  --manual-public-ip-logging-ok  --deploy-hook "/usr/local/openresty/nginx/sbin/nginx -s reload" --manual-auth-hook "/root/certbot-letencrypt-wildcardcertificates-alydns-au/au.sh python aly add" --manual-cleanup-hook "/root/certbot-letencrypt-wildcardcertificates-alydns-au/au.sh python aly clean"

加入crontab

1 1 */1 * * root /root/certbot-auto renew --cert-name xxx.cn  --manual-public-ip-logging-ok  --deploy-hook "/usr/local/openresty/nginx/sbin/nginx -s reload" --manual-auth-hook "/root/certbot-letencrypt-wildcardcertificates-alydns-au/au.sh python aly add" --manual-cleanup-hook "/root/certbot-letencrypt-wildcardcertificates-alydns-au/au.sh python aly clean"

三款在线签发Let’s Encrypt泛域名SSL证书的网站

https://www.9mf.net/other-free/3261.html

更新Let's Encrypt SSL证书提示certbot-auto无法升级怎么办

我们知道 Let's Encrypt SSL 证书只免费3个月,到期需要重新更新续签。今天在更新时,一如既往的敲更新命令certbot-auto renew,但确实提示如下错误:

Upgrading certbot-auto 0.38.0 to 0.39.0...

Couldn't download https://raw.githubusercontent.com/certbot/certbot/v0.39.0/letsencrypt-auto-source/letsencrypt-auto. 

原因是:certbot-auto将始终尝试从最新版本中获取自身的最新版本。

解决方案也非常简单:

如果希望将其锁定到特定版本并且不接收自动更新,只需在命令后加 --no-self-upgrade 即可。即:

certbot-auto renew --no-self-upgrade

果然,问题解决!

你可能感兴趣的:(CentOS环境通过letsencrypt生成https证书)