免费为你的网站添加SSL证书

写在前面的话

建议提前好准备以下,之后再食用本文:

  • 注册好的域名一枚
  • 安装好nginx的VPS一枚
    通过这篇文章,你将学会以下:
  • 使用Certbot免费为网站添加SSL证书

本文目录

  • VPS环境介绍
  • 安装Certbot
  • 为网站创建SSL证书
  • 添加自动更新证书有效期任务

1. VPS环境介绍:

CentOS 7.0 + Nginx
其它平台自行前往certbot官网查看。

2. 安装Certbot:

Certbot是letsencrypt的免费证书发放软件。

1
2
$ yum update
$ yum install certbot python2-certbot-nginx

3. 为网站创建SSL证书

1
$ certbot --nginx
选择需要SSL证书的网站
1
2
3
4
5
6
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: ronniewill.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
选择是否需要跳转
1
2
3
4
5
6
7
8
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration. #不自动跳转至https
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration. #自动跳转至https
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):2

4. 添加自动更新证书有效期任务

1
echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew" | sudo tee -a /etc/crontab > /dev/null
各位看爷的支持是我创作的源泉!
0%