ubuntu20.04 + Let's Encrypt + Nginx solve untrusted website

Time:2022-8-5

Before proceeding, please confirm that nginx has been installed. . .

1, first installcertbot

apt install certbot python3-certbot-nginx

2, generate a certificate

certbot --nginx -d example.com -d www.example.com

When performing this step, you will be asked to fill in your email address to notify you of security issues such as renewal time, the email is convenient, and then some other questions
ubuntu20.04 + Let's Encrypt + Nginx solve untrusted website
ubuntu20.04 + Let's Encrypt + Nginx solve untrusted website
ubuntu20.04 + Let's Encrypt + Nginx solve untrusted website
ubuntu20.04 + Let's Encrypt + Nginx solve untrusted website
ubuntu20.04 + Let's Encrypt + Nginx solve untrusted website

The operation is successful and finally you can see/etcWhether the directory is generatedletsencrypt directory, (This step may be delayed, I waited for a while to generate it)

3, configure nginx

server {     
    listen 80;
    server_name www.example.com;
    #Redirect HTTP 301 to HTTPS 
    rewrite ^(.*)$ https://$host$1 permanent;
}

server {             
    listen 443;
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_session_timeout 5m;
    ssl_protocols SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
    ssl_prefer_server_ciphers on;
    server_name www.example.com; 
}

Finally restart nginx

The above article is referenced from
https://blog.csdn.net/setoy/a…
https://www.cnblogs.com/cool-…

Gratefulubuntu20.04 + Let's Encrypt + Nginx solve untrusted website