Install certbot(Let's encrypt) / centos
To install certbot first we need to make sure we have the EPEL repository enabled, to do that execute the following command:
# yum -y install epel-release
Make sure yum-utils is installed:
# yum -y install yum-utils
Then install certbot for <u>Apache</u>:
# yum -y install certbot-apache
Now that we have certbot installed, run certbot with the following command:
# certbot --apache
Or install certbot for Nginx:
# sudo yum -y install certbot-nginx
Now that we have certbot installed, run certbot with the following command:
# sudo certbot --nginx -d hynial.cn -d www.hynial.cn
This runs certbot with the --nginx plugin, using -d to specify the names we’d like the certificate to be valid for.
Result For Nginx
server {
listen 443 ssl;
server_name hynial.cn www.hynial.cn;
keepalive_timeout 75;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_certificate /etc/letsencrypt/live/*.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/*.com/privkey.pem; # managed by Certbot
root /var/www/hynial.cn/html;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
location /index/ {
default_type text/html;
add_header Content-Type 'text/html; charset=utf-8';
return 200 "hello world";
}
}
Notice to directives: ssl_certificate / ssl_certificate_key
Exception Situation
-
UnicodeEncodeError: 'ascii' codec can't encode characters in position 1891-1892: ordinal not in range(128)Fix:
Find non ascii character in that file : /etc/nginx/nginx.conf /etc/nginx/sites-available/
sudo grep -r -P '[^\x00-\x7f]' /etc/nginx/nginx.confOr:
sudo grep -nRP '[\x80-\xFF]' /etc/nginxFinded ,then delete/correct it.
Ref
nginx :(ubuntu)
Apache:(centos/redhat)
https://linuxhostsupport.com/blog/how-to-install-lets-encrypt-on-centos-7-with-apache/
网友评论