使用Certbot来配置网站的HTTPS
官网地址:https://certbot.eff.org/
本文主要是介绍配置Nignx的证书,做了一些关键步骤的记录,其实官网已经非常详细,所以大家最好参考官网。
1、安装相关工具
[root@online nginx]# yum -y install yum-utils
2、安装certbot
[root@online nginx]# yum install certbot python2-certbot-nginx
3、如果第二步安装成功,就跳过下面,下面主要是介绍Python报的一些问题,需要用下面两条命令解决
[root@online nginx]# pip install requests urllib3 pyOpenSSL --force --upgrade [root@online nginx]# pip install --upgrade --force-reinstall 'requests==2.6.0'
4、生成证书过程
[root@online nginx]# certbot --nginx --nginx-server-root=/usr/local/nginx/conf/ Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): xxxxx@qq.com #填写自己邮箱地址 Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A #同意 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y #Yes Starting new HTTPS connection (1): supporters.eff.org Which names would you like to activate HTTPS for? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: www.xxxx.com 2: www.yyyy.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 #选项对应域名的编号 Obtaining a new certificate Performing the following challenges: http-01 challenge for dev.online.qsyuwen.cn Waiting for verification... Cleaning up challenges Resetting dropped connection: acme-v02.api.letsencrypt.org Deploying Certificate to VirtualHost /usr/local/nginx/conf/vhost/dev.online.api.conf Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1 #是否跳转 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://dev.online.qsyuwen.cn You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=dev.online.qsyuwen.cn - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/dev.online.qsyuwen.cn/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/dev.online.qsyuwen.cn/privkey.pem Your cert will expire on 2019-08-19. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
每日一句
-
你的爱是个梦,却有真实的痛。
——江美琪
今日排行
- Electron打包错误“Error: Application entry file ..”解决方案
打包出现如下错误:Error: Application entry file "dist\electron\main.js" in the "D:\gui\demo2\build\win-unpacked\resources\app.asar" does not exist. Seems like a wrong configuration. - mac git用户名和密码修改
在Mac电脑中,如何对Git的用户名和密码进行修改呢?起初不懂Mac,所以整了很久,本文将记录如何对这个进行操作,以便后期使用。 - 嗨!Tauri
Tauri 是一个框架,用于为所有主要桌面平台构建小巧、快速的二进制文件。开发人员可以集成任何可编译为 HTML、JS 和 CSS 的前端框架,以构建他们的用户界面。应用程序的后端是一个基于 Rust 的二进制文件,带有一个前端可以与之交互的 API。
Tauri 应用程序的用户界面目前在 macOS 和 Windows 上利用 tao 作为窗口处理库,在 Linux 上通过 Tauri 团队孵化和维护的 WRY 利用 WebKit、Windows 上的 WebView2 和 Linux 上的 WebKitGTK 创建一个统一的系统 webview(和其他好东西,如菜单和任务栏)接口。 - OpenCV-Python图像的翻转
OpenCV-Python图像的翻转使用flip()函数翻转一个二维的矩阵,包含垂直翻转,水平翻转,以及垂直水平翻转。 - OpenCV-Python图像形态学操作之开运算、闭运算、梯度运算、顶帽运算和黑帽运算
OpenCV-Python图像形态学操作之开运算、闭运算、梯度运算、顶帽运算和黑帽运算,主要介绍函数cv2.morphologyEx的使用.morphologyEx(src,op,kernel,dst = None,anchor = None,iterations = None,borderType = None,borderValue = None)
点击排行
- VSCode插件 - 快速生成表格并格式化
快速生成表格 - Electron打包错误“Error: Application entry file ..”解决方案
打包出现如下错误:Error: Application entry file "dist\electron\main.js" in the "D:\gui\demo2\build\win-unpacked\resources\app.asar" does not exist. Seems like a wrong configuration.
- Electron页面跳转、浏览器打开链接和打开新窗口
Electron页面跳转、浏览器打开链接和打开新窗口
- Docker编译出现:temporary error (try again later)
Docker编译镜像出现:fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/main/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.12/main: temporary error (try again later)
WARNING: Ignoring APKINDEX.2c4ac24e.tar.gz: No such file or directory问题 - mac git用户名和密码修改
在Mac电脑中,如何对Git的用户名和密码进行修改呢?起初不懂Mac,所以整了很久,本文将记录如何对这个进行操作,以便后期使用。
- Git保存和清除用户名、密码
在使用Git的过程中,不想每次都输入用户名和密码去拉取代码,所以就需要保存这些信息,那么既然有保存了,就必须有清除功能。