server_name lesofn.com; ssl_certificate /etc/letsencrypt/live/lesofn.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/lesofn.com/privkey.pem; ... } 批量替换acme.sh生成的证书: acme.sh证书默认路径是:~/.acme.sh/lesofn.com_ecc,使用以下命令替换多个nginx配置文件中的证书: sed -i...
revoke Revoke a certificate (supply--cert-name or --cert-path) delete Delete a certificate (supply--cert-name) manage your account: register Create an ACME account unregister Deactivate an ACME account update_account Update an ACME account--agree-tos Agree to the ACME server's Subscriber Agreem...
ssl_certificate file; #当前虚拟主机使用PEM格式的证书文件; ssl_certificate_key file; #当前虚拟主机上与其证书匹配的私钥文件; 修改完记得重载nginx配置文件:/usr/local/nginx/sbin/nginx -s reload 回到顶部 certbot常用命令: certbot [子命令] [选项] [-d 域名] (默认) run:获取并安装证书到当前网页服务器...
以www.test.com为例,在/etc/nginx/conf.d文件夹下新建一个www.test.com.conf文件,内容如下: server { listen 443 ssl; # 子域名 server_name www.test.com; # 这里是你证书的位置 ssl_certificate /etc/letsencrypt/live/test.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/test.com/pr...
sudo vi /etc/nginx/sites-available/default 添加80/443端口 443指定安装证书路径 可以先配置上 becool.vip替换为自己的域名 root路径替换为自己的hugo静态网站路径 server { listen 80; server_name becool.vip; root /home/ubuntu/blog/public; index index.html; location / { try_files $uri $uri/ =404...
但Certbot没有给你自动修改Nginx配置时,这时候需要自己配置 如果提示: IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/your.domain.com/fullchain.pem. Your cert will expire on 20XX-09-23. To obtain a new or tweaked version of ...
以Nginx为例,你需要修改Nginx的配置文件,使其使用HTTPS协议。通常,配置文件位于/etc/nginx/sites-available/目录下。找到你的网站配置文件(例如default),将其复制一份并命名为default-ssl,然后修改该文件,添加以下内容: server { listen 443 ssl; server_name your_domain.com; ssl_certificate /etc/letsencrypt/liv...
$ sudo apt-getupdate $ sudo apt-getinstall python-certbot-nginx 申请证书有两种模式:自动模式和手动模式 自动模式 $ sudo certbot--nginx 一行命令解决所有问题: 申请证书 配置Nginx 站点 设置证书自动更新 既然自动模式全部搞定了,为什么还要手动模式呢。自动模式只能自动申请和更新普通域名证书,即仅包含类似 dada...
Certbot is part of EFF’s effort to encrypt the entire Internet. Secure communication over the Web relies on HTTPS, which requires the use of a digital certificate that lets browsers verify the identity of web servers (e.g., is that really google.com?). Web servers obtain their certificate...
4. 配置 nginx server server { listen 80; listen 443 ssl; server_name jenkins.dev.school.thoughtworks.cn; location / { proxy_pass http://localhost:8080/; proxy_set_header Host $http_host; } ssl_certificate /etc/letsencrypt/live/you.domain.com/fullchain.pem; # managed by Certbot ...