https certificate request
Https certificate for a free application by Let 's Encrypt
- Official Web site
first before hands, can go certbot see, I think it is necessary to it! -
Installation certbot
yum install epel-release -y yum install certbot
- Wildcard certificate request command
execution will command the owner to verify the domain name, which is to add a TXT record to the domain console.certbot certonly -d *.test.com --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory
Domain directory will be displayed after the completion of
4, automatic renewal
echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew" | sudo tee -a /etc/crontab > /dev/null
30 days before renewal of default due, if not satisfied can manually configure
/etc/letsencrypt/renewal/test.conf
5, certificate clean up
if you do not want it or for other reasons need to clean up, you can execute the following command
rm -rf /etc/letsencrypt/live/www.example.com/
rm -rf /etc/letsencrypt/archive/www.example.com/
rm /etc/letsencrypt/renewal/www.example.com.conf