进行操作前请确认nginx曾经装置实现。。。
1,首先装置certbot
apt install certbot python3-certbot-nginx2,生成证书
certbot --nginx -d example.com -d www.example.com在执行这一步的时候会让你填写邮箱地址来告诉你续订工夫等平安问题,邮箱自便,而后是一些其余问题
操作胜利最初能够看一下/etc 目录下是否生成了letsencrypt 目录,(这一步可能会有提早,我是等了一会儿才生成进去)
3,配置nginx
server {
listen 80;
server_name www.example.com;
#将HTTP 301 重定向到 HTTPS
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
server_name www.example.com;
}最初重启nginx
以上文章参考自
https://blog.csdn.net/setoy/a…
https://www.cnblogs.com/cool-…
感激不尽
发表回复