ssl - 自动续签
安装
- 检测
apt更新
shell
sudo apt update- 安装 Cerbot
shell
sudo apt install certbot python3-certbot-nginx -y- 自动配置 HTTPS
sudo certbot --nginx这里会读取当前的配置文件 读取出 server_name 选择想配置的域名编号即可 多个编号用空格分割
- 完成后会自动更新
nginx配置文件
conf
server {
server_name futureforging.cn www.futureforging.cn;
access_log /var/log/nginx/offical.access.log;
error_log /var/log/nginx/offical.error.log;
location / {
proxy_pass http://127.0.0.1:3001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/futureforging.cn/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/futureforging.cn/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.futureforging.cn) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = futureforging.cn) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name futureforging.cn www.futureforging.cn;
return 404; # managed by Certbot
}