Let’s Encrypt 免费获取网站域名的https证书

蜗牛vps vps教程 2020-07-19 455 0

昨日搭建完成网站之后,用Dnspod配置好了指向IP的A解析,之前也配置好了NS解析(配置:cloud.tencent.com/docum),然后发现域名出现了一种奇怪的问题,由于某种众所周知的原因无法访问:

具体参考见:v2ex.com/t/223261

看来必须配置https证书了!

比较懒,照搬英文教程,有问题的地方我会标注指明。

环境:Apache CentOS 7

原教程:digitalocean.com/commun


-Introduction

Let’s Encrypt is a Certificate Authority (CA) that provides free certificates for Transport Layer Security (TLS) encryption, thereby enabling encrypted HTTPS on web servers. It simplifies the process of creation, validation, signing, installation, and renewal of certificates by providing a software client that automates most of the steps—Certbot.

In this tutorial, you will use Certbot to set up a TLS/SSL certificate from Let’s Encrypt on a CentOS 7 server running Apache as a web server. Additionally, you will automate the certificate renewal process using a cron job, which you can learn more about by reading How To Use Cron To Automate Tasks On a VPS.

-Prerequisites

In order to complete this guide, you will need:

  • One CentOS 7 server set up by following the CentOS 7 initial server setup guide with a non-root user who has sudo privileges.
  • A basic firewall condivd by following the Additional Recommended Steps for New CentOS 7 Servers guide.
  • Apache installed on the CentOS 7 server with a virtual host condivd. You can learn how to set this up by following our tutorial How To Install the Apache Web Server on CentOS 7. Be sure that you have a virtual host file for your domain. This tutorial will use /etc/httpd/sites-available/example.com.conf as an example.

建立虚拟主机:zhuanlan.zhihu.com/p/16

  • You should own or control the registered domain name that you wish to use the certificate with. If you do not already have a registered domain name, you may purchase one on Namecheap, get one for free on Freenom, or use the domain registrar of your choice.
  • A DNS A Record that points your domain to the public IP address of your server. You can follow this introduction to DigitalOcean DNS for details on how to add them with the DigitalOcean platform. DNS A records are required because of how Let’s Encrypt validates that you own the domain it is issuing a certificate for. For example, if you want to obtain a certificate for example.com, that domain must resolve to your server for the validation process to work. Our setup will use example.com and www.example.com as the domain names, both of which will require a valid DNS record.

When you have all of these prerequisites completed, move on to install the Let’s Encrypt client software.








官网:

https://letsencrypt.org/letsencrypt.org


Certbot - Centosrhel7 Apachecertbot.eff.orgLet’s Encrypt 免费获取网站域名的https证书  第1张

评论

有免费节点资源,我们会通知你!加入纸飞机订阅群

×
天气预报查看日历分享网页手机扫码留言评论Telegram