Let’s Encrypt 今天开始进行公开测试,果断弄一个
首先确定python版本大于2.7,否则会出现各种问题
python -V然后关闭web服务,确认80端口和443端口无占用
service httpd stop确认后无误,就可以开始了签发
yum -y install git git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt ./letsencrypt-auto certonly --server https://acme-v01.api.letsencrypt.org/directory --agree-dev-preview过程中会让你输入邮箱以及域名之类,照实输入就行了。 签发的证书证书保存在
/etc/letsencrypt/live/xxxxxxxx.com/fullchain.pem /etc/letsencrypt/archive/xxxxxxxx.com/privkey.pem最后,只需将http.conf中配置指向证书,重启web服务
SSLCertificateFile /etc/letsencrypt/live/xxxxxxxx.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/xxxxxxxx.com/privkey.pem
后记
这玩意各种出错,重新编译了N次py才签好,不要轻易尝试。还是StartSSL方便。