acme.sh 结合dnspod申请通配符证书

acme.sh 结合dnspod申请通配符证书

安装

curl  https://get.acme.sh | sh -s email=my@example.com
alias acme.sh=~/.acme.sh/acme.sh

或者国内:

git clone https://gitee.com/neilpang/acme.sh.git
cd acme.sh
./acme.sh --install -m my@example.com
alias acme.sh=~/.acme.sh/acme.sh

创建密钥

https://console.dnspod.cn/account/token/token

申请证书

export DP_Id="123456"
export DP_Key="abcdefg"

acme.sh --issue --dns dns_dp -d trycatch.xyz -d *.trycatch.xyz

安装证书

需要先创建目录/var/cert/

acme.sh --install-cert -d trycatch.xyz  --key-file  /var/cert/trycatch.xyz.key.pem --fullchain-file /var/cert/trycatch.xyz.cert.pem --reloadcmd  "service nginx force-reload"

Nginx 相关配置

http 转 https

server {
    listen       80;
    server_name  www.yangtzecoder.com;
    rewrite ^(.*) https://$server_name$1 permanent;
}

证书配置

server {
    listen       443 ssl;
    server_name  www.yangtzecoder.com;
    ssl_certificate  /var/cert/trycatch.xyz.cert.pem;
    ssl_certificate_key /var/cert/trycatch.xyz.key.pem;
}

1 Comment

Leave a Comment

Back to Top