\u5b98\u7f51\u63a8\u8350\u4f7f\u7528certbot\u5ba2\u6237\u7aef\u83b7\u53d6\u8bc1\u4e66\u53ca\u914d\u7f6ehttps,cerbot\u5ba2\u6237\u7aef\u7684\u5b98\u7f51\u662f:https:\/\/certbot.eff.org<\/a><\/p>\n\n\n\n \u5728cerbot\u5b98\u7f51\u9009\u62e9\u5bf9\u5e94\u670d\u52a1\u5668\u8f6f\u4ef6\u53ca\u7cfb\u7edf\u7248\u672c\u5373\u53ef\u81ea\u52a8\u8df3\u8f6c\u5230\u6307\u5f15\u6559\u7a0b,\u975e\u5e38\u6613\u7528:<\/p>\n\n\n\n \u6211\u4eec\u9009\u62e9\u7ad9\u70b9\u8fd0\u884c\u5728CentOS8\u7cfb\u7edf\u7684Apache\u4e0a.\u9875\u9762\u4fbf\u4f1a\u63d0\u793a\u5b89\u88c5\u547d\u4ee4.<\/p>\n\n\n\n \u5148\u7528\u7ec8\u7aefssh\u5230\u670d\u52a1\u5668,\u7136\u540e\u8f93\u5165\u4e0b\u9762\u7684\u547d\u4ee4\u884c,\u4e0b\u8f7dcertbot\u5ba2\u6237\u7aef,\u590d\u5236\u5230bin\u76ee\u5f55,\u5e76\u8d4b\u4e88\u6267\u884c\u6743\u9650.<\/p>\n\n\n\n \u63a5\u4e0b\u6765\u8f93\u5165\u4e0b\u9762\u7684\u547d\u4ee4,\u6839\u636e\u63d0\u793a\u8f93\u5165\u90ae\u7bb1,\u57df\u540d\u7b49\u4fe1\u606f\u5373\u53ef\u5b8c\u6210\u8bc1\u4e66\u83b7\u53d6\u53ca\u7ad9\u70b9ssl\u76f8\u5173\u914d\u7f6e.<\/p>\n\n\n\n \u914d\u7f6e\u6210\u529f\u540e,\u53ef\u4ee5\u7528\u5982\u4e0b\u547d\u4ee4\u5c06\u8bc1\u4e66\u66f4\u65b0\u52a0\u5165crontab\u7684\u5b9a\u65f6\u4efb\u52a1,\u6bcf\u5929\u76840\u70b9\u53ca12\u70b9\u81ea\u52a8\u7eed\u671f\u8bc1\u4e66:<\/p>\n\n\n\n \u6574\u4e2a\u8fc7\u7a0b\u975e\u5e38\u4fbf\u6377,\u4f46\u5982\u679c\u670d\u52a1\u5668\u4e0b\u6709\u591a\u4e2a\u7ad9\u70b9\u6216\u8005\u591a\u4e2a\u57df\u540d,\u6709\u65f6\u5019\u4e0a\u9762\u8fd9\u79cd\u5411\u5bfc\u914d\u7f6e\u7684\u65b9\u5f0f\u5c31\u4e0d\u592a\u597d\u7528\u4e86,\u53ef\u4ee5\u53c2\u8003\u4e0b\u9762\u8fd9\u4e9b\u6b65\u9aa4\u624b\u52a8\u7684\u83b7\u53d6\u8bc1\u4e66\u4e0e\u8bbe\u7f6e\u865a\u62df\u76ee\u5f55,\u5305\u542bhttp\u91cd\u5b9a\u5411\u7ed9https.<\/p>\n\n\n\n \u5982\u679c\u662f\u4e0a\u9762\u5411\u5bfc\u6a21\u5f0f\u5931\u8d25\u6216\u8005\u60f3\u5b8c\u5168\u91cd\u65b0\u914d\u7f6eLet’s Encrypt,\u53ef\u4ee5\u5148\u5220\u9664\u4e4b\u524d\u7684\u6b8b\u7559\u6587\u4ef6:<\/p>\n\n\n\n \u6ce8\u610f,\u4e0a\u9762\u662f\u5220\u9664letsencrypt\u76ee\u5f55,\u8bf7\u8c28\u614e\u64cd\u4f5c\u6216\u8005\u5907\u4efd\u8be5\u76ee\u5f55\u518d\u64cd\u4f5c.\u786e\u8ba4mod_ssl\u53caopenssl\u5df2\u5b89\u88c5,\u5982\u679c\u4e0d\u5c0f\u5fc3\u914d\u7f6e\u9519\u4e86ssl\u914d\u7f6e\u6587\u4ef6,\u4e5f\u53ef\u4ee5\u91cd\u88c5mod_ssl\u6216openssl,\u4f7f\u7528\u4e0b\u9762\u547d\u4ee4\u91cd\u88c5:<\/p>\n\n\n\n \u63a5\u4e0b\u6765\u6211\u4eec\u83b7\u53d6\u5bf9\u5e94\u57df\u540d\u7684\u8bc1\u4e66,\u4ee5\u672c\u7ad9\u4e3a\u4f8b,\u4e3a1vr.cn\u53ca4rmb.net\u83b7\u53d6\u4e00\u4e2a\u8bc1\u4e66,\u8f93\u5165\u4e0b\u5217\u547d\u4ee4:<\/p>\n\n\n\n \u6839\u636e\u63d0\u793a\u8f93\u5165,\u7b49\u6709\u5982\u4e0b\u5b57\u6837\u8fd4\u56de,\u8bf4\u660e\u8bc1\u4e66\u83b7\u53d6\u6210\u529f,\u5e76\u53ef\u4ee5\u770b\u5230\u8bc1\u4e66\u5b58\u653e\u8def\u5f84:<\/p>\n\n\n\n IMPORTANT NOTES:<\/p>\n\n\n\n \u7136\u540e\u8fdb\u5165\u5230apache httpd\u670d\u52a1\u914d\u7f6e\u6240\u5728\u76ee\u5f55,\u5373 \/etc\/httpd\/<\/strong> \u76ee\u5f55.\u786e\u8ba4\/etc\/httpd\/conf.d\/ssl.conf\u6587\u4ef6\u5b58\u5728,\u5982\u5b83\u4e0d\u5b58\u5728\u53ef\u5c1d\u8bd5\u91cd\u88c5mod_ssl,\u6216\u8005\u53bb\u4fee\u6539httpd.conf\u6587\u4ef6,\u589e\u52a0433\u7aef\u53e3\u76d1\u542c:<\/p>\n\n\n\n \u5728\u8be5\u914d\u7f6e\u6587\u4ef6\u4e2d\u589e\u52a0\u5982\u4e0b\u4e09\u884c\u4ee3\u7801,\u4ee3\u8868\u5982\u679cmod_ssl\u6a21\u5757\u542f\u7528\u65f6,\u5bf9443\u7aef\u53e3\u8fdb\u884c\u76d1\u542c:<\/p>\n\n\n\n \u4fdd\u5b58\u5e76\u5173\u95ed\u5b83,\u5207\u6362\u5230\u865a\u62df\u76ee\u5f55\u7684\u914d\u7f6e\u6587\u4ef6,\u865a\u62df\u76ee\u5f55\u6587\u4ef6\u6211\u5efa\u7acb\u5728:\/etc\/httpd\/conf.d\/virtual.conf \u6587\u4ef6\u4e2d:<\/p>\n\n\n\n \u53c2\u7167\u4e0a\u56fe,\u5728\u539f\u6709\u865a\u62df\u76ee\u5f55\u914d\u7f6e\u6bb5\u843d\u4e2d\u589e\u52a0\u91cd\u5b9a\u5411,\u4ee5\u5b9e\u73b0\u7528\u6237\u4f7f\u7528http\u8bbf\u95ee\u65f6,\u81ea\u52a8\u91cd\u5b9a\u5411\u81f3https,\u4ee3\u7801\u7ffb\u8bd1\u4e3a\u542f\u7528\u91cd\u5b9a\u5411\u5f15\u64ce,\u5982\u679c\u8bbf\u95ee\u7684\u7aef\u53e3\u4e0d\u662f443,\u65e0\u8bba\u7f51\u5740\u662f\u4ec0\u4e48,\u90fd\u4e0d\u6539\u53d8\u539f\u6709\u7f51\u5740,\u4ec5\u5c06http\u6362\u4e3ahttps\u8bbf\u95ee:<\/p>\n\n\n\n \u540c\u6837\u5c06VirtualHost\u6bb5\u843d\u590d\u5236\u7c98\u8d34,\u4fee\u6539\u7c98\u8d34\u4e2d\u768480\u7aef\u53e3\u4e3a443\u7aef\u53e3,\u5373\u7528\u8be5\u6bb5\u843d\u4f5c\u4e3ahttps\u865a\u62df\u76ee\u5f55\u7684\u8bbe\u5b9a\u914d\u7f6e.\u8be5\u6bb5\u843d\u7684\u9996\u5c3e\u52a0\u4e0amod_ssl\u662f\u5426\u6fc0\u6d3b\u7684\u5224\u65ad,\u786e\u4fdd\u4ec5\u5728mod_ssl\u6a21\u5757\u6fc0\u6d3b\u65f6\u6267\u884c\u8be5\u6bb5\u914d\u7f6e:<\/p>\n\n\n\n \u5728443\u4e3a\u7aef\u53e3\u7684\u865a\u62df\u4e3b\u673a\u8bbe\u7f6e\u4ee3\u7801\u6bb5\u843d\u5757\u4e2d\u52a0\u5165\u4e0b\u97624\u884c\u4ee3\u7801,\u8868\u793a\u5f00\u542fSSL\u5f15\u64ce,\u4ee5\u53ca\u4e4b\u524d\u6211\u4eec\u83b7\u53d6\u7684\u8bc1\u4e66\u5b58\u653e\u8def\u5f84\u7684\u6307\u5b9a,\u8bc1\u4e66\u8def\u5f84\u4e0e\u7533\u8bf7\u57df\u540d\u6709\u5173\u8054,\u8bf7\u6839\u636e\u4f60\u81ea\u5df1\u7684\u57df\u540d\u53ca\u76f8\u5e94\u8bc1\u4e66\u8def\u5f84\u505a\u4fee\u6539:<\/p>\n\n\n\n \u91cd\u65b0\u52a0\u8f7dhttpd\u914d\u7f6e\u6587\u4ef6\u4f7f\u6211\u4eec\u7684\u914d\u7f6e\u751f\u6548:<\/p>\n\n\n\n \u5982\u679c\u7cfb\u7edf\u5f00\u542f\u4e86\u9632\u706b\u5899,\u4e5f\u9700\u8981\u5c06443\u7aef\u53e3\u5f00\u653e,\u4f7f\u7528\u5982\u4e0b\u547d\u4ee4:<\/p>\n\n\n\n \u597d\u4e86,\u6211\u4eec\u7684\u8bc1\u4e66\u914d\u7f6e\u5b8c\u6bd5,\u81ea\u52a8\u7eed\u671f\u8bc1\u4e66\u65b9\u6cd5\u6ca1\u6709\u7279\u522b\u8bbe\u7f6e,\u4e0e\u5411\u5bfc\u6b65\u9aa4\u4e00\u6837,\u4f7f\u7528 sudo \/usr\/local\/bin\/certbot-auto renew<\/strong> \u547d\u4ee4\u52a0\u5165\u5230crontab\u81ea\u52a8\u7eed\u671f\u5373\u53ef.\u8bbf\u95ee\u7ad9\u70b9\u8bd5\u8bd5\u5427, https:\/\/4rmb.net<\/a><\/p>\n\n\n\n \u6709\u95ee\u9898\u6b22\u8fce\u7559\u8a00,\u6211\u4f1a\u5c3d\u5feb\u56de\u590d,\u534f\u52a9\u89e3\u51b3.<\/p>\n","protected":false},"excerpt":{"rendered":" \u8d8a\u6765\u8d8a\u591a\u7684\u7f51\u7ad9\u5f00\u59cb\u652f\u6301https\u534f\u8bae\u8bbf\u95ee\u4e86,\u5404\u79cd\u6d4f\u89c8\u5668\u968f\u7740\u7248\u672c\u7684\u66f4\u65b0\u4e5f\u975e\u5e38”\u4e0d\u539a\u9053”\u7684 … Continue reading CentOS8\u4e0b\u7684Apache\u4f7f\u7528Let’s Encrypt\u914d\u7f6eHTTPS\u6559\u7a0b(\u514d\u8d39)<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[135,133,134],"class_list":["post-2154","post","type-post","status-publish","format-standard","hentry","category-5","tag-letsencrypt","tag-ssl","tag-https","without-featured-image"],"_links":{"self":[{"href":"https:\/\/1vr.cn\/index.php?rest_route=\/wp\/v2\/posts\/2154","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/1vr.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/1vr.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/1vr.cn\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/1vr.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2154"}],"version-history":[{"count":8,"href":"https:\/\/1vr.cn\/index.php?rest_route=\/wp\/v2\/posts\/2154\/revisions"}],"predecessor-version":[{"id":2427,"href":"https:\/\/1vr.cn\/index.php?rest_route=\/wp\/v2\/posts\/2154\/revisions\/2427"}],"wp:attachment":[{"href":"https:\/\/1vr.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2154"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/1vr.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2154"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/1vr.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2154"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"\/wp-content\/uploads\/2020\/03\/image.png\")
<\/figure>\n\n\n\n\n\n\n\n
\/etc\/letsencrypt\/live\/1vr.cn\/fullchain.pem
Your key file has been saved at:
\/etc\/letsencrypt\/live\/1vr.cn\/privkey.pem
… …<\/li><\/ul>\n\n\n\n<IfModule mod_ssl.c>\nListen 443\n<\/IfModule><\/code><\/pre>\n\n\n\n![\"\"](\"\/wp-content\/uploads\/2020\/03\/image-1.png\")
<\/figure>\n\n\n\nRewriteEngine on \nRewriteCond %{SERVER_PORT} !^443$ \nRewriteRule ^.*$ https:\/\/%{SERVER_NAME}%{REQUEST_URI} [L,R] <\/code><\/pre>\n\n\n\n<IfModule mod_ssl.c>\nVirtualHost\u4ee3\u7801\u6bb5\u843d\u5757\n<\/IfModule><\/code><\/pre>\n\n\n\n SSLEngine On\n SSLCertificateFile \/etc\/letsencrypt\/live\/1vr.cn\/fullchain.pem\n SSLCertificateKeyFile \/etc\/letsencrypt\/live\/1vr.cn\/privkey.pem\n SSLCertificateChainFile \/etc\/letsencrypt\/live\/1vr.cn\/fullchain.pem<\/code><\/pre>\n\n\n\n