https://certbot.eff.org/lets-encrypt/centosrhel7-nginx

SSH into the server

SSH into the server running your HTTP website as a user with sudo privileges.

Enable EPEL repo

You’ll need to enable the EPEL (Extra Packages for Enterprise Linux) repository.
Follow these instructions at the Fedora wiki to enable EPEL.

Enable the optional channel

If you’re using RHEL or Oracle Linux, you’ll also need to enable the optional channel. On EC2, RHEL users can enable the optional channel by running the following commands, substituting your EC2 region for REGION:

sudo yum -y install yum-utils
sudo yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional

Install Certbot

Run this command on the command line on the machine to install Certbot.

sudo yum install certbot python2-certbot-nginx

Choose how you’d like to run Certbot

Either get and install your certificates…

Run this command to get a certificate and have Certbot edit your Nginx configuration automatically to serve it, turning on HTTPS access in a single step.

sudo certbot --nginx

Or, just get a certificate

If you’re feeling more conservative and would like to make the changes to your Nginx configuration by hand, run this command.

sudo certbot certonly --nginx

Set up automatic renewal

We recommend running the following line, which will add a cron job to the default crontab.

echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew" | sudo tee -a /etc/crontab > /dev/null
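
Because tee -a appends unconditionally, running the line above a second time leaves two renewal jobs in /etc/crontab. The script below is an added example, not part of the original guide: it appends the same entry only when no active certbot renew job exists. The function names and the --install switch are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original guide. CRON_LINE is the entry the guide
# recommends; the function names and the --install switch are assumptions.

CRON_LINE="0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew"

# Print how many active (non-comment) lines in crontab file $1 run "certbot renew".
count_renew_jobs() {
    if [ ! -f "$1" ]; then
        echo 0
        return 0
    fi
    awk '!/^[ \t]*#/ && /certbot renew/ { n++ } END { print n + 0 }' "$1"
}

# Append CRON_LINE to crontab file $1 (default /etc/crontab) unless a renewal
# job is already there, so repeated runs never create duplicates.
ensure_renew_job() {
    file="${1:-/etc/crontab}"
    if [ "$(count_renew_jobs "$file")" -gt 0 ]; then
        echo "renewal job already present in $file"
        return 0
    fi
    # If the file does not end in a newline, add one so the new entry is not
    # glued onto the last existing line.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
        echo >> "$file"
    fi
    printf '%s\n' "$CRON_LINE" >> "$file"
    echo "renewal job added to $file"
}

# Only touch a crontab when asked to: sudo sh this-script.sh --install [FILE]
if [ "${1:-}" = "--install" ]; then
    ensure_renew_job "${2:-/etc/crontab}"
fi
```

Once the job is installed, sudo certbot renew --dry-run exercises the renewal path without replacing the certificates on disk.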

Confirm that Certbot worked

To confirm that your site is set up properly, visit https://yourwebsite.com/ in your browser and look for the lock icon in the URL bar. If you want to check that you have the top-of-the-line installation, you can head to https://www.ssllabs.com/ssltest/.

Author: Jeebiz  Created: 2023-01-25 00:46
Last edited by: Jeebiz  Updated: 2024-01-25 09:10