标签:安全 mct 搭建 pem min login target auto weixin
以前写过利用 wordpress 搭建的一个博客『个人博客搭建( wordpress )』,绑定了域名,但是没开启 https,在浏览博客的时候浏览器会提示不安全。下面来谈下个人博客如何免费申请证书,开启 https 。
系统环境要求:python2.7+
手动申请网址:letsencrypt.osfipin.com/v2/login
yum install -y git
查看版本号:git --version
卸载:yum remove git
git clone https://github.com/letsencrypt/letsencrypt
在 letsencrypt 目录下执行
./letsencrypt-auto certonly --standalone --email YOUR_EMAIL -d xxx.com --quiet --agree-tos
rm -rf ~/.pip/pip.conf
# vim /etc/nginx/nginx.conf ... http { ... server { listen 80; server_name xxx.com; return 301 https://$host$request_uri; } server { listen 443 ssl http2; server_name xxx.com; server_name_in_redirect off; ssl_certificate "/etc/letsencrypt/live/hirat.online/fullchain.pem"; ssl_certificate_key "/etc/letsencrypt/live/hirat.online/privkey.pem"; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REQUEST-URI $request_uri; proxy_set_header Cookie $http_cookie; proxy_pass http://localhost:9090; proxy_cookie_domain domino.server nginx.server; proxy_redirect off; } } }
systemctl start nginx.service
浏览器输入:https://xxx.com 看看效果。
特别提醒:上面的方法申请的 Let‘s Encrypt 免费证书有效期90天的,别忘了续签。
标签:安全 mct 搭建 pem min login target auto weixin
原文地址:https://www.cnblogs.com/lifefriend/p/10828078.html
