Let's Encrypt过程
发布于 3 年前 作者 qjzd 1095 次浏览 最后一次编辑是 2 年前 来自 码农

获取certbot-auto

 wget https://dl.eff.org/certbot-auto
--2017-03-23 10:50:41--  https://dl.eff.org/certbot-auto
Resolving dl.eff.org (dl.eff.org)... 173.239.79.196
Connecting to dl.eff.org (dl.eff.org)|173.239.79.196|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 46789 (46K) [application/octet-stream]
Saving to: 'certbot-auto'

100%[==================================================================================================================================================================>] 46,789       230KB/s   in 0.2s   

2017-03-23 10:50:45 (230 KB/s) - 'certbot-auto' saved [46789/46789]

给certbot-auto加上可执行权限

chmod a+x certbot-auto

申请证书(前提关闭其他80和443端口应用程序)

 ./certbot-auto certonly --standalone -d qjzd.net -d www.qjzd.net
Bootstrapping dependencies for Debian-based OSes...
[sudo] password for nianqin: 
Ign http://mirrors.aliyun.com trusty InRelease
Ign http://mirrors.aliyuncs.com trusty InRelease            
Get:1 http://mirrors.aliyun.com trusty-updates InRelease [65.9 kB]             
Get:2 http://mirrors.aliyuncs.com trusty-updates InRelease [65.9 kB]           
Get:3 http://mirrors.aliyun.com trusty-backports InRelease [65.9 kB]           
Get:4 http://mirrors.aliyuncs.com trusty-backports InRelease [65.9 kB]     
Hit http://mirrors.aliyun.com trusty Release.gpg                               
Hit http://mirrors.aliyuncs.com trusty Release.gpg                             
Hit http://mirrors.aliyun.com trusty Release                                   
Hit http://mirrors.aliyuncs.com trusty Release                                 
Get:5 http://mirrors.aliyun.com trusty-updates/main Sources [393 kB]           
Get:6 http://mirrors.aliyuncs.com trusty-updates/main Sources [393 kB]         
Get:7 http://mirrors.aliyun.com trusty-updates/restricted Sources [6268 B]     
Get:8 http://mirrors.aliyuncs.com trusty-updates/restricted Sources [6268 B]   
Get:9 http://mirrors.aliyun.com trusty-updates/universe Sources [175 kB]       
Get:10 http://mirrors.aliyuncs.com trusty-updates/universe Sources [175 kB]    
Get:11 http://mirrors.aliyun.com trusty-updates/multiverse Sources [7513 B]    
Get:12 http://mirrors.aliyuncs.com trusty-updates/multiverse Sources [7513 B]  
Get:13 http://mirrors.aliyun.com trusty-updates/main amd64 Packages [961 kB]   
Get:14 http://mirrors.aliyuncs.com trusty-updates/main amd64 Packages [961 kB] 
Get:15 http://mirrors.aliyun.com trusty-updates/restricted amd64 Packages [17.1 kB]
Get:16 http://mirrors.aliyuncs.com trusty-updates/restricted amd64 Packages [17.1 kB]
Get:17 http://mirrors.aliyun.com trusty-updates/universe amd64 Packages [402 kB]
Get:18 http://mirrors.aliyuncs.com trusty-updates/universe amd64 Packages [402 kB]
Get:19 http://mirrors.aliyun.com trusty-updates/multiverse amd64 Packages [14.0 kB]
Get:20 http://mirrors.aliyun.com trusty-updates/main i386 Packages [923 kB]    
Get:21 http://mirrors.aliyuncs.com trusty-updates/multiverse amd64 Packages [14.0 kB]
Get:22 http://mirrors.aliyuncs.com trusty-updates/main i386 Packages [923 kB]  
Get:23 http://security.ubuntu.com trusty-security InRelease [65.9 kB]          
Get:24 http://mirrors.aliyun.com trusty-updates/restricted i386 Packages [16.8 kB]
Get:25 http://mirrors.aliyun.com trusty-updates/universe i386 Packages [403 kB]
Get:26 http://mirrors.aliyuncs.com trusty-updates/restricted i386 Packages [16.8 kB]
Get:27 http://mirrors.aliyuncs.com trusty-updates/universe i386 Packages [403 kB]
Get:28 http://mirrors.aliyun.com trusty-updates/multiverse i386 Packages [14.4 kB]
Get:29 http://mirrors.aliyun.com trusty-updates/main Translation-en [474 kB]   
Get:30 http://mirrors.aliyuncs.com trusty-updates/multiverse i386 Packages [14.4 kB]
Get:31 http://mirrors.aliyuncs.com trusty-updates/main Translation-en [474 kB] 
Get:32 http://mirrors.aliyun.com trusty-updates/multiverse Translation-en [7340 B]
Get:33 http://mirrors.aliyun.com trusty-updates/restricted Translation-en [3975 B]
Get:34 http://mirrors.aliyuncs.com trusty-updates/multiverse Translation-en [7340 B]
Get:35 http://mirrors.aliyun.com trusty-updates/universe Translation-en [212 kB]
Get:36 http://mirrors.aliyuncs.com trusty-updates/restricted Translation-en [3975 B]
Get:37 http://mirrors.aliyuncs.com trusty-updates/universe Translation-en [212 kB]
Get:38 http://security.ubuntu.com trusty-security/main Sources [127 kB]        
Get:39 http://mirrors.aliyun.com trusty-backports/main Sources [9712 B]        
Get:40 http://mirrors.aliyun.com trusty-backports/restricted Sources [28 B]    
Get:41 http://mirrors.aliyun.com trusty-backports/universe Sources [35.3 kB]   
Get:42 http://mirrors.aliyuncs.com trusty-backports/main Sources [9712 B]      
Get:43 http://mirrors.aliyun.com trusty-backports/multiverse Sources [1898 B]  
Get:44 http://mirrors.aliyuncs.com trusty-backports/restricted Sources [28 B]  
Get:45 http://mirrors.aliyun.com trusty-backports/main amd64 Packages [13.3 kB]
Get:46 http://mirrors.aliyuncs.com trusty-backports/universe Sources [35.3 kB] 
Get:47 http://mirrors.aliyun.com trusty-backports/restricted amd64 Packages [28 B]
Get:48 http://mirrors.aliyuncs.com trusty-backports/multiverse Sources [1898 B]
Get:49 http://mirrors.aliyun.com trusty-backports/universe amd64 Packages [43.2 kB]
Get:50 http://mirrors.aliyuncs.com trusty-backports/main amd64 Packages [13.3 kB]
Get:51 http://mirrors.aliyun.com trusty-backports/multiverse amd64 Packages [1571 B]
Get:52 http://mirrors.aliyuncs.com trusty-backports/restricted amd64 Packages [28 B]
Get:53 http://mirrors.aliyun.com trusty-backports/main i386 Packages [13.3 kB] 
Get:54 http://mirrors.aliyuncs.com trusty-backports/universe amd64 Packages [43.2 kB]
Get:55 http://mirrors.aliyun.com trusty-backports/restricted i386 Packages [28 B]
Get:56 http://mirrors.aliyuncs.com trusty-backports/multiverse amd64 Packages [1571 B]
Get:57 http://mirrors.aliyun.com trusty-backports/universe i386 Packages [43.2 kB]
Get:58 http://mirrors.aliyuncs.com trusty-backports/main i386 Packages [13.3 kB]
Get:59 http://mirrors.aliyun.com trusty-backports/multiverse i386 Packages [1552 B]
Get:60 http://mirrors.aliyuncs.com trusty-backports/restricted i386 Packages [28 B]
Get:61 http://mirrors.aliyun.com trusty-backports/main Translation-en [7503 B] 
Get:62 http://mirrors.aliyuncs.com trusty-backports/universe i386 Packages [43.2 kB]
Get:63 http://mirrors.aliyun.com trusty-backports/multiverse Translation-en [1215 B]
Get:64 http://mirrors.aliyuncs.com trusty-backports/multiverse i386 Packages [1552 B]
Get:65 http://mirrors.aliyun.com trusty-backports/restricted Translation-en [28 B]
Get:66 http://mirrors.aliyuncs.com trusty-backports/main Translation-en [7503 B]
Get:67 http://mirrors.aliyuncs.com trusty-backports/multiverse Translation-en [1215 B]
Get:68 http://mirrors.aliyuncs.com trusty-backports/restricted Translation-en [28 B]
Get:69 http://mirrors.aliyun.com trusty-backports/universe Translation-en [36.8 kB]
Hit http://mirrors.aliyun.com trusty/main Sources                              
Hit http://mirrors.aliyun.com trusty/restricted Sources                        
Hit http://mirrors.aliyun.com trusty/universe Sources                          
Hit http://mirrors.aliyun.com trusty/multiverse Sources                        
Hit http://mirrors.aliyun.com trusty/main amd64 Packages                       
Hit http://mirrors.aliyun.com trusty/restricted amd64 Packages                 
Hit http://mirrors.aliyun.com trusty/universe amd64 Packages                   
Hit http://mirrors.aliyun.com trusty/multiverse amd64 Packages                 
Hit http://mirrors.aliyun.com trusty/main i386 Packages                        
Hit http://mirrors.aliyun.com trusty/restricted i386 Packages                  
Get:70 http://mirrors.aliyuncs.com trusty-backports/universe Translation-en [36.8 kB]
Hit http://mirrors.aliyuncs.com trusty/main Sources                            
Hit http://mirrors.aliyuncs.com trusty/restricted Sources                      
Hit http://mirrors.aliyuncs.com trusty/universe Sources                        
Hit http://mirrors.aliyuncs.com trusty/multiverse Sources                      
Hit http://mirrors.aliyuncs.com trusty/main amd64 Packages                     
Hit http://mirrors.aliyuncs.com trusty/restricted amd64 Packages               
Hit http://mirrors.aliyuncs.com trusty/universe amd64 Packages                 
Hit http://mirrors.aliyuncs.com trusty/multiverse amd64 Packages               
Hit http://mirrors.aliyun.com trusty/universe i386 Packages                    
Hit http://mirrors.aliyuncs.com trusty/main i386 Packages                      
Hit http://mirrors.aliyun.com trusty/multiverse i386 Packages                  
Hit http://mirrors.aliyuncs.com trusty/restricted i386 Packages                
Hit http://mirrors.aliyun.com trusty/main Translation-en                       
Hit http://mirrors.aliyuncs.com trusty/universe i386 Packages                  
Hit http://mirrors.aliyun.com trusty/multiverse Translation-en                 
Hit http://mirrors.aliyuncs.com trusty/multiverse i386 Packages                
Hit http://mirrors.aliyun.com trusty/restricted Translation-en                 
Hit http://mirrors.aliyuncs.com trusty/main Translation-en                     
Hit http://mirrors.aliyun.com trusty/universe Translation-en                   
Hit http://mirrors.aliyuncs.com trusty/multiverse Translation-en               
Hit http://mirrors.aliyuncs.com trusty/restricted Translation-en               
Hit http://mirrors.aliyuncs.com trusty/universe Translation-en                 
Get:71 http://security.ubuntu.com trusty-security/restricted Sources [4941 B]  
Get:72 http://security.ubuntu.com trusty-security/universe Sources [50.3 kB]   
Get:73 http://security.ubuntu.com trusty-security/multiverse Sources [3203 B]  
Get:74 http://security.ubuntu.com trusty-security/main amd64 Packages [594 kB] 
Get:75 http://security.ubuntu.com trusty-security/restricted amd64 Packages [14.0 kB]
Get:76 http://security.ubuntu.com trusty-security/universe amd64 Packages [154 kB]
Get:77 http://security.ubuntu.com trusty-security/universe amd64 Packages [154 kB]
Get:78 http://security.ubuntu.com trusty-security/multiverse amd64 Packages [4143 B]
Get:79 http://security.ubuntu.com trusty-security/main i386 Packages [553 kB]  
Get:80 http://security.ubuntu.com trusty-security/restricted i386 Packages [13.8 kB]
Get:81 http://security.ubuntu.com trusty-security/universe i386 Packages [154 kB]
Get:82 http://security.ubuntu.com trusty-security/multiverse i386 Packages [4292 B]
Get:83 http://security.ubuntu.com trusty-security/main Translation-en [325 kB] 
Get:84 http://security.ubuntu.com trusty-security/multiverse Translation-en [2201 B]
Get:85 http://security.ubuntu.com trusty-security/restricted Translation-en [3505 B]
Get:86 http://security.ubuntu.com trusty-security/universe Translation-en [90.2 kB]
Get:87 http://security.ubuntu.com trusty-security/main i386 Packages [553 kB]  
Fetched 10.7 MB in 1min 2s (171 kB/s)                                          
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/trusty-security/main/binary-i386/Packages  Hash Sum mismatch

E: Some index files failed to download. They have been ignored, or old ones used instead.
apt-get update hit problems but continuing anyway...
Reading package lists... Done
Building dependency tree       
Reading state information... Done
gcc is already the newest version.
The following extra packages will be installed:
  libexpat1-dev libpython-dev libpython2.7 libpython2.7-dev
  libpython2.7-minimal libpython2.7-stdlib libssl1.0.0 python-pkg-resources
  python-setuptools python2.7 python2.7-dev python2.7-minimal
Suggested packages:
  augeas-doc augeas-tools python-doc python-tk python-distribute
  python-distribute-doc python2.7-doc binfmt-support
Recommended packages:
  python-pip
The following NEW packages will be installed:
  augeas-lenses libaugeas0 libexpat1-dev libffi-dev libpython-dev
  libpython2.7-dev python python-dev python-pkg-resources python-setuptools
  python-virtualenv python2.7-dev
The following packages will be upgraded:
  ca-certificates libpython2.7 libpython2.7-minimal libpython2.7-stdlib
  libssl-dev libssl1.0.0 openssl python2.7 python2.7-minimal
9 upgraded, 12 newly installed, 0 to remove and 185 not upgraded.
Need to get 31.5 MB/32.0 MB of archives.
After this operation, 40.9 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main libssl-dev amd64 1.0.1f-1ubuntu2.22 [1074 kB]
Get:2 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main libssl1.0.0 amd64 1.0.1f-1ubuntu2.22 [828 kB]
Get:3 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main python2.7 amd64 2.7.6-8ubuntu0.3 [197 kB]
Get:4 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main libpython2.7 amd64 2.7.6-8ubuntu0.3 [1039 kB]
Get:5 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main libpython2.7-stdlib amd64 2.7.6-8ubuntu0.3 [1873 kB]
Get:6 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main python2.7-minimal amd64 2.7.6-8ubuntu0.3 [1187 kB]
Get:7 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main libpython2.7-minimal amd64 2.7.6-8ubuntu0.3 [307 kB]
Get:8 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main libpython2.7-dev amd64 2.7.6-8ubuntu0.3 [22.0 MB]
Get:9 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main openssl amd64 1.0.1f-1ubuntu2.22 [489 kB]
Get:10 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main ca-certificates all 20160104ubuntu0.14.04.1 [190 kB]
Get:11 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main augeas-lenses all 1.2.0-0ubuntu1.2 [229 kB]
Get:12 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main libaugeas0 amd64 1.2.0-0ubuntu1.2 [135 kB]
Get:13 http://mirrors.aliyun.com/ubuntu/ trusty/main python amd64 2.7.5-5ubuntu3 [134 kB]
Get:14 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main python2.7-dev amd64 2.7.6-8ubuntu0.3 [269 kB]
Get:15 http://mirrors.aliyun.com/ubuntu/ trusty-updates/universe python-virtualenv all 1.11.4-1ubuntu1 [1485 kB]
Get:16 http://mirrors.aliyun.com/ubuntu/ trusty-updates/main libffi-dev amd64 3.1~rc1+r3.0.13-12ubuntu0.1 [99.8 kB]
Fetched 31.5 MB in 29s (1070 kB/s)                                             
Preconfiguring packages ...
(Reading database ... 63837 files and directories currently installed.)
Preparing to unpack .../libssl-dev_1.0.1f-1ubuntu2.22_amd64.deb ...
Unpacking libssl-dev:amd64 (1.0.1f-1ubuntu2.22) over (1.0.1f-1ubuntu2.19) ...
Preparing to unpack .../libssl1.0.0_1.0.1f-1ubuntu2.22_amd64.deb ...
Unpacking libssl1.0.0:amd64 (1.0.1f-1ubuntu2.22) over (1.0.1f-1ubuntu2.19) ...
Preparing to unpack .../python2.7_2.7.6-8ubuntu0.3_amd64.deb ...
Unpacking python2.7 (2.7.6-8ubuntu0.3) over (2.7.6-8ubuntu0.2) ...
Preparing to unpack .../libpython2.7_2.7.6-8ubuntu0.3_amd64.deb ...
Unpacking libpython2.7:amd64 (2.7.6-8ubuntu0.3) over (2.7.6-8ubuntu0.2) ...
Preparing to unpack .../libpython2.7-stdlib_2.7.6-8ubuntu0.3_amd64.deb ...
Unpacking libpython2.7-stdlib:amd64 (2.7.6-8ubuntu0.3) over (2.7.6-8ubuntu0.2) ...
Preparing to unpack .../python2.7-minimal_2.7.6-8ubuntu0.3_amd64.deb ...
Unpacking python2.7-minimal (2.7.6-8ubuntu0.3) over (2.7.6-8ubuntu0.2) ...
Preparing to unpack .../libpython2.7-minimal_2.7.6-8ubuntu0.3_amd64.deb ...
Unpacking libpython2.7-minimal:amd64 (2.7.6-8ubuntu0.3) over (2.7.6-8ubuntu0.2) ...
Selecting previously unselected package libexpat1-dev:amd64.
Preparing to unpack .../libexpat1-dev_2.1.0-4ubuntu1.3_amd64.deb ...
Unpacking libexpat1-dev:amd64 (2.1.0-4ubuntu1.3) ...
Selecting previously unselected package libpython2.7-dev:amd64.
Preparing to unpack .../libpython2.7-dev_2.7.6-8ubuntu0.3_amd64.deb ...
Unpacking libpython2.7-dev:amd64 (2.7.6-8ubuntu0.3) ...
Preparing to unpack .../openssl_1.0.1f-1ubuntu2.22_amd64.deb ...
Unpacking openssl (1.0.1f-1ubuntu2.22) over (1.0.1f-1ubuntu2.16) ...
Preparing to unpack .../ca-certificates_20160104ubuntu0.14.04.1_all.deb ...
Unpacking ca-certificates (20160104ubuntu0.14.04.1) over (20141019ubuntu0.14.04.1) ...
Selecting previously unselected package augeas-lenses.
Preparing to unpack .../augeas-lenses_1.2.0-0ubuntu1.2_all.deb ...
Unpacking augeas-lenses (1.2.0-0ubuntu1.2) ...
Selecting previously unselected package libaugeas0.
Preparing to unpack .../libaugeas0_1.2.0-0ubuntu1.2_amd64.deb ...
Unpacking libaugeas0 (1.2.0-0ubuntu1.2) ...
Selecting previously unselected package libpython-dev:amd64.
Preparing to unpack .../libpython-dev_2.7.5-5ubuntu3_amd64.deb ...
Unpacking libpython-dev:amd64 (2.7.5-5ubuntu3) ...
Selecting previously unselected package python.
Preparing to unpack .../python_2.7.5-5ubuntu3_amd64.deb ...
Unpacking python (2.7.5-5ubuntu3) ...
Selecting previously unselected package python2.7-dev.
Preparing to unpack .../python2.7-dev_2.7.6-8ubuntu0.3_amd64.deb ...
Unpacking python2.7-dev (2.7.6-8ubuntu0.3) ...
Selecting previously unselected package python-dev.
Preparing to unpack .../python-dev_2.7.5-5ubuntu3_amd64.deb ...
Unpacking python-dev (2.7.5-5ubuntu3) ...
Selecting previously unselected package python-pkg-resources.
Preparing to unpack .../python-pkg-resources_3.3-1ubuntu2_all.deb ...
Unpacking python-pkg-resources (3.3-1ubuntu2) ...
Selecting previously unselected package python-setuptools.
Preparing to unpack .../python-setuptools_3.3-1ubuntu2_all.deb ...
Unpacking python-setuptools (3.3-1ubuntu2) ...
Selecting previously unselected package python-virtualenv.
Preparing to unpack .../python-virtualenv_1.11.4-1ubuntu1_all.deb ...
Unpacking python-virtualenv (1.11.4-1ubuntu1) ...
Selecting previously unselected package libffi-dev:amd64.
Preparing to unpack .../libffi-dev_3.1~rc1+r3.0.13-12ubuntu0.1_amd64.deb ...
Unpacking libffi-dev:amd64 (3.1~rc1+r3.0.13-12ubuntu0.1) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Processing triggers for mime-support (3.54ubuntu1.1) ...
Processing triggers for install-info (5.2.0.dfsg.1-2) ...
Setting up libssl1.0.0:amd64 (1.0.1f-1ubuntu2.22) ...
Setting up libssl-dev:amd64 (1.0.1f-1ubuntu2.22) ...
Setting up libpython2.7-minimal:amd64 (2.7.6-8ubuntu0.3) ...
Setting up python2.7-minimal (2.7.6-8ubuntu0.3) ...
Setting up libpython2.7-stdlib:amd64 (2.7.6-8ubuntu0.3) ...
Setting up python2.7 (2.7.6-8ubuntu0.3) ...
Setting up libpython2.7:amd64 (2.7.6-8ubuntu0.3) ...
Setting up libexpat1-dev:amd64 (2.1.0-4ubuntu1.3) ...
Setting up libpython2.7-dev:amd64 (2.7.6-8ubuntu0.3) ...
Setting up openssl (1.0.1f-1ubuntu2.22) ...
Setting up ca-certificates (20160104ubuntu0.14.04.1) ...
Setting up augeas-lenses (1.2.0-0ubuntu1.2) ...
Setting up libaugeas0 (1.2.0-0ubuntu1.2) ...
Setting up libpython-dev:amd64 (2.7.5-5ubuntu3) ...
Setting up python (2.7.5-5ubuntu3) ...
Setting up python2.7-dev (2.7.6-8ubuntu0.3) ...
Setting up python-dev (2.7.5-5ubuntu3) ...
Setting up python-pkg-resources (3.3-1ubuntu2) ...
Setting up python-setuptools (3.3-1ubuntu2) ...
Setting up python-virtualenv (1.11.4-1ubuntu1) ...
Setting up libffi-dev:amd64 (3.1~rc1+r3.0.13-12ubuntu0.1) ...
Processing triggers for libc-bin (2.19-0ubuntu6.6) ...
Processing triggers for ca-certificates (20160104ubuntu0.14.04.1) ...
Updating certificates in /etc/ssl/certs... 19 added, 19 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
Creating virtual environment...
Installing Python packages...
Installation succeeded.
Requesting root privileges to run certbot...
  /home/nianqin/.local/share/letsencrypt/bin/letsencrypt certonly --standalone -d qjzd.net -d www.qjzd.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel):bu__dong@163.com

-------------------------------------------------------------------------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree
in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: A

-------------------------------------------------------------------------------
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for qjzd.net
tls-sni-01 challenge for www.qjzd.net
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/qjzd.net/fullchain.pem. Your cert will expire
   on 2017-06-21. To obtain a new or tweaked version of this
   certificate in the future, simply run certbot-auto again. To
   non-interactively renew *all* of your certificates, run
   "certbot-auto renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

尝试更新证书

./certbot-auto renew --dry-run --dry-run的模式下,会生成测试证书,但是这些测试证书并不会被保存,更新直接用./certbot-auto renew

Requesting root privileges to run certbot...
  /home/nianqin/.local/share/letsencrypt/bin/letsencrypt renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/qjzd.net.conf
-------------------------------------------------------------------------------
Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for qjzd.net
tls-sni-01 challenge for www.qjzd.net
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem

-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/qjzd.net/fullchain.pem
-------------------------------------------------------------------------------
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/qjzd.net/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)

IMPORTANT NOTES:
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.

总结

在nginx.conf的配置中添加到ssl的server区域

server {
        . . .
        location ~ /.well-known {
                allow all;
        }
        . . .
}

sudo certbot-auto certonly --webroot --webroot-path=/home/nianqin/nginx/nginx-1.9.6/build/html -d qjzd.net sudo /home/nianqin/letsencrypt/certbot-auto renew --renew-hook “/home/nianqin/nginx/nginx-1.9.6/build/sbin/nginx -s reload”

参考链接

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04 https://certbot.eff.org/#ubuntutrusty-nginx http://blog.csdn.net/chszs/article/details/47276899 https://zhaodi.me/remove-domains-from-lets-encrypt-ssl-tls-certificate/ (删除域名) https://qjzd.net/topic/5a3a670df918faeb4003145c

回到顶部