1 Introduction
Let's Encrypt is a public free SSL project abroad. It is hosted by the Linux Foundation. Its origins are not small. It was initiated by Mozilla, Cisco, Akamai, IdenTrust and EFF. The Internet transitioned from HTTP to HTTPS. Let's Encrypt installation and deployment is simple and convenient. At present, Cpanel, Oneinstack and other panels have integrated Let's Encrypt one-click application and installation. There are also many online free SSL certificate application websites made by using the open source features of Let's Encrypt. 's approval. On the one hand, Let's Encrypt SSL is already supported by browsers such as Firefox, Chrome, and IE, but not in IE 6. On the other hand, Let's Encrypt SSL certificate download and installation is foolproof.
2. Apply for installation conditions
Centos/Redhat 7 system has installed and started nginx, which can be accessed through the domain name. The nginx service port number includes 80, and nginx is added to the environment variable.
3. Installation
Download the corresponding epel source:
https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F
copy to the system
[root@ymzvip520 ~]# rpm -ivh epel-release-latest-7.noarch.rpm
After installing the epel source, you can install certbot_nginx through yum:
[root@ymzvip520 ~]# yum install certbot-nginx -y
After the installation is complete, the ssl certificate can be generated through the certbot command, but this is only useful for nginx installed through yum or rpm, and the following error occurs for nginx installed by compiling:
The reason is that the path of nginx is written dead in the code, and the path in the code is
Therefore, you need to change the server_root to the path of your actual environment. The requirement of the path is to the directory of nginx.conf. After modification, it can run successfully.
4. Apply for ssl certificate
The execution command is as follows:
[root@ymzvip520 ~]# certbot --nginx
Fill in as prompted