• 萌新

    不管是通信安全还是搜素引擎收录需要,SSL证书现在基本是建站的标配了。除了通过宝塔等面板申请和管理Let’s Encrypt证书,现在也可以通过certbot,非常简便。

    官网:
    https://certbot.eff.org/lets-encrypt/debianjessie-nginx

    1.png

    根据自己使用的网页服务器类型和操作系统,系统会自动匹配相应代码:
    2.png

    3.png

    然后按照页面提示一步步操作就行了。


    下面以nginx和Debian9为例说明:

    • 移除系统已有的certbot:
    apt-get remove certbot
    
    • 安装certbot:
    wget https://dl.eff.org/certbot-auto
    mv certbot-auto /usr/local/bin/certbot-auto
    chown root /usr/local/bin/certbot-auto
    chmod 0755 /usr/local/bin/certbot-auto
    
    • 自动申请证书并整合进入nginx:
    /usr/local/bin/certbot-auto --nginx
    

    具体安装中,会要求输入邮箱,同意协议、订阅EFF信息,并确认域名、是否强制跳转https。

    Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    1: No redirect - Make no further changes to the webserver configuration.
    2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
    new sites, or if you're confident your site works on HTTPS. You can undo this
    change by editing your web server's configuration.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
    Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/translatorsnews.com.conf
    

    注意证书的保存位置和到期日:

     - Congratulations! Your certificate and chain have been saved at:
       /etc/letsencrypt/live/translatorsnews.com/fullchain.pem
       Your key file has been saved at:
       /etc/letsencrypt/live/translatorsnews.com/privkey.pem
       Your cert will expire on 2020-05-07.
    
    • 最后设置证书自动更新:
    echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew" | sudo tee -a /etc/crontab > /dev/null
    

    现在打开网站看看,是不是已经有小锁了?

    你还可以通过这个网站进一步验证网站的安全性: https://www.ssllabs.com/ssltest/

    4.png

广告


赞助商广告

分类

56
Online

5.0k
Users

17.9k
Topics

56.8k
Posts