- 下载正式生成程序
- 生成证书:./certbot-auto certonly --standalone -w /var/www/xxx -xxx.xxx.com -d www.xxxx.com 其中:--standalone(无需指定项目根目录) /var/www/xxx目录要先建立 -xxx.xxx.com -d www.xxxx.com 是要使用证书的两个域名
- nginx配置:
(自动跳转https)
server {
listen 80;
server_name xxxx.com;
rewrite ^(.*) https://xxxx.com$1 permanent;
}
server {
listen 443;
server_name xxxx.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/xxxx.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxxx.com/privkey.pem;
}