- 安装
1
2
| sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
|
- 获取证书
1
| sudo certbot certonly --webroot -w /data/wwwroot/iguojin.com/ -d iguojin.com
|
- 挂载docker
1
| /etc/letsencrypt:/etc/nginx/ssl/letsencrypt
|
- 配置nginx
1
2
| ssl_certificate /etc/nginx/ssl/letsencrypt/live/iguojin.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/letsencrypt/live/iguojin.com/privkey.pem;
|
- 自动更新
1
| sudo certbot renew --dry-run
|
执行这个命令后,他会自动配置定时任务,在如下位置之一
1
2
3
| /etc/crontab/
/etc/cron.*/*
systemctl list-timers
|
- 通过阿里云DNS
https://github.com/tengattack/certbot-dns-aliyun
1
2
3
4
5
6
| sudo snap install certbot-dns-aliyun
sudo snap set certbot trust-plugin-with-root=ok
sudo snap connect certbot:plugin certbot-dns-aliyun
/snap/bin/certbot plugins
certbot certonly --authenticator=dns-aliyun --dns-aliyun-credentials='/ssl_conf/credentials.ini' -d "*.iguojin.com"
|
