acme.sh 结合dnspod申请通配符证书
安装
curl https://get.acme.sh | sh -s email=my@example.com
alias acme.sh=~/.acme.sh/acme.sh或者国内:
git clone https://gitee.com/neilpang/acme.sh.git
cd acme.sh
./acme.sh --install -m my@example.com
alias acme.sh=~/.acme.sh/acme.sh创建密钥
https://console.dnspod.cn/account/token/token
申请证书
export DP_Id="123456"
export DP_Key="abcdefg"
acme.sh --issue --dns dns_dp -d trycatch.xyz -d *.trycatch.xyz安装证书
需要先创建目录/var/cert/
acme.sh --install-cert -d trycatch.xyz --key-file /var/cert/trycatch.xyz.key.pem --fullchain-file /var/cert/trycatch.xyz.cert.pem --reloadcmd "service nginx force-reload"Nginx 相关配置
http 转 https
server {
listen 80;
server_name blog.trycatch.xyz;
rewrite ^(.*) https://$server_name$1 permanent;
}证书配置
server {
listen 443 ssl;
server_name blog.trycatch.xyz;
ssl_certificate /var/cert/trycatch.xyz.cert.pem;
ssl_certificate_key /var/cert/trycatch.xyz.key.pem;
}
1 Comment