Free HTTPS application steps, you must know

Time:2020-6-6

Free HTTPS application steps, you must know

The website that does not apply HTTPS encryption is basically a streaking.

Come on, get started

My system is CentOS 6

Step 1: install certbot

Certbot can be used to manage (request, update, configure, revoke, delete, etc.) let’s encrypt certificates. Certbot with nginx plug-in is installed here:

wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /usr/local/bin/certbot-auto
sudo chown root /usr/local/bin/certbot-auto
sudo chmod 0755 /usr/local/bin/certbot-auto

Step 2: get the certificate

This command is just to get the certificate. The rest of the steps are completed manually

$ /usr/local/bin/certbot-auto certonly --standalone --email [email protected] --agree-tos -d demo_01.xinglong.tech -d demo_02.xinglong.tech -d demo_03.xinglong.tech

View Certificate

$ ls /etc/letsencrypt/live/

Configure Certificate in nginx

ssl_ certificate /etc/letsencrypt/live/ cdw.me/fullchain . PEM; certificate location
ssl_ certificate_ key /etc/letsencrypt/live/ cdw.me/privkey . PEM; private key location

start nginx

Step 3: set automatic renewal

Write update script renew- cert.sh

#!/bin/bash

#Stop nginx
service nginx stop

#Renewal
#-- force renew
/root/certbot-auto renew --force-renew

#Start nginx
service nginx start
a+x renew-cert.sh

Automatic update of HTTPS Certificate in crontab service

#Automatically update certificates every two months
* * * */2 * /root/renew-cert.sh >> /root/crontab.log 2>&1

Let's encrypt generates a free certificate for 3 months, but we can renew the certificate indefinitely

reference resources: https://certbot.eff.org/lets-…

Free HTTPS application steps, you must know
Free HTTPS application steps, you must know

Author: Shi Xinglong
Source: GitHub
This work is licensed under a 4.0 international license for intellectual sharing attribution non-commercial use sharing in the same way.