使用 certbot 申请 Let's Encrypt 免费证书,部署到 nginx 中,开启 https

原文:https://ichochy.com/posts/blog/20240110.html

使用 certbot 可以很方便、快捷的通过 Let’s Encrypt 申请免费的证书,并部署到 nginx 中,开启 HTTP。

在 Linux 通过命令安装

安装 Nginx

sudo apt install nginx

安装 certbot

先安装 snap

sudo apt install snap

再通过 snap 安装 certbot

sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

运行 certbot 给 Nginx 安装证书

sudo certbot --nginx

设置邮箱,输入自己的邮箱

Enter email address (used for urgent renewal and security notices)
 (Enter 'c' to cancel): me@ichochy.com

确认条款

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf. You must
agree in order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y

订阅邮件

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y      

签发域名,输入自己的域名

Account registered.
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): ichochy.com

证书部署成功

Successfully received certificate.
……
Deploying certificate
Successfully deployed certificate for ichochy.com to /etc/nginx/sites-enabled/default
Congratulations! You have successfully enabled HTTPS on https://ichochy.com

检测 Nginx 证书部署

访问 https://ichochy.com,已经自动跳转到 HTPPS,证书已经成功部署到 Nginx 中,并成功配置并重启成功
Nginx 配置文件 /etc/nginx/sites-enabled/default

打赏

Sponsor