Nginx教程

Nginx免费SSL证明书自动设置

本文主要是介绍Nginx免费SSL证明书自动设置,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
  1. 按照自动设置工具
$ apt-get update
$ sudo apt-get install certbot
$ apt-get install python3-certbot-nginx
  1. 配置Nginx
    /etc/nginx/conf.d
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    root /var/www/html;
    server_name example.com www.example.com;
}
  1. 更新配置
nginx -t && nginx -s reload
  1. 自动生成SSL并配置
$ sudo certbot --nginx -d example.com -d www.example.com
  1. 出现下面消息代表配置成功
Congratulations! You have successfully enabled https://example.com and https://www.example.com 

-------------------------------------------------------------------------------------
IMPORTANT NOTES: 

Congratulations! Your certificate and chain have been saved at: 
/etc/letsencrypt/live/example.com/fullchain.pem 
Your key file has been saved at: 
/etc/letsencrypt/live/example.com//privkey.pem
Your cert will expire on 2017-12-12.
  1. 查看更新后的配置文件
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    root /var/www/html;
    server_name  example.com www.example.com;

    listen 443 ssl; # managed by Certbot

    # RSA certificate
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot

    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot

    # Redirect non-https traffic to https
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot
}
  1. 到期自动更新设置
crontab -e
0 12 * * * /usr/bin/certbot renew --quiet
这篇关于Nginx免费SSL证明书自动设置的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
您可能喜欢
栏目导航