使用 certbot 通过 Let's Encrypt 申请免费证书,部署到 nginx 中,开启 https
使用 certbot 可以很方便、快捷的通过 Let’s Encrypt 申请免费的证书,并部署到 nginx 中,开启 https
在 Linux 通过命令安装
安装 Nginx
sudo apt install nginx
安装 certbot
先安装 snap
sudo apt install snap
再通过 snap 安装 certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
运行 certbot 给 Nginx 安装证书
sudo certbot --nginx
设置邮箱,输入自己的邮箱
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): me@ichochy.com
确认条款
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf. You must
agree in order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y
订阅邮件
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y
签发域名,输入自己的域名
Account registered.
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): ichochy.com
证书部署成功
Successfully received certificate.
……
Deploying certificate
Successfully deployed certificate for ichochy.com to /etc/nginx/sites-enabled/default
Congratulations! You have successfully enabled HTTPS on https://ichochy.com
检测 Nginx 证书部署
访问 https://ichochy.com,已经自动跳转到 HTPPS,证书已经成功部署到 Nginx 中,并成功配置并重启成功
Nginx 配置文件 /etc/nginx/sites-enabled/default