Esiry.com
Focus on Machine Learning.

Configuring Let’s Encrypt free wildcard SSL certificate on Ubuntu using acme.sh

An ACME Shell script: acme.sh

GitHub: https://github.com/Neilpang/acme.sh

Acme.sh implements the acme protocol, which can generate free certificates from Let’s Encrypt, and now supports *.domain.com wildcard certificates.

Open the terminal installation support package

sudo apt-get install socat

Install acme.sh, support root and normal account. After the installation is complete, you must close the current terminal and re-open one to make the acme.sh command take effect.

curl https://get.acme.sh | sh

First, you need to go to the DNSPOD background to generate the API Token (if the domain name registered by Tencent Cloud, you can log in to DNSPOD directly with Tencent Cloud account)
Apply for DNS API Token on Tencent Cloud Domain Name Service https://www.dnspod.cn, Security Settings – Create API Token

Obtain the key of the Aliyun Domain Name API. If you log in to the Alibaba Cloud website, click https://ak-console.aliyun.com/#/accesskey to see your key. If you don’t create one, you can create one directly.

Execute the following three commands in sequence, replacing them with your own Id and Key.

export DP_Id="1234"
export DP_Key="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
acme.sh --issue --dns dns_dp -d mydomian.com -d *.mydomian.com

After waiting for a while, your wildcard certificate is quietly lying at ~/.acme.sh/mydomian.com/

Then configure the certificate, taking Ubuntu as an example, refer to this article.
Apache2 configures https under Ubuntu and forces http to https

Apache2 configures https on Ubuntu and forces http to https

Create a new folder to save the certificate. Note that you cannot directly copy the generated certificate to the directory. You need to use the install command.

cd /etc/apache2
sudo mkdir certs
cd ~

Install the generated certificate into this directory and save it for reference in Apache2. Enter the following command in the terminal (note that this is a single command, but just change the line) Save the certificate to /etc/apache2/certs

acme.sh --install-cert -d luochenzhimu.com \
--cert-file /etc/apache2/certs/luochenzhimu.com.crt  \
--key-file /etc/apache2/certs/luochenzhimu.com.key  \
--ca-file /etc/apache2/certs/ca.crt \
--reloadcmd "service apache2 force-reload"

Copy 000-default.conf and default-ssl.conf in the /etc/apache2/sites-available directory to /etc/apache2/sites-enabled

Configure default-ssl.conf as

SSLCertificateFile  /etc/apache2/certs/luochenzhimu.com.crt
SSLCertificateKeyFile /etc/apache2/certs/luochenzhimu.com.key
SSLCertificateChainFile /etc/apache2/certs/ca.crt

Restart apache, you should already be able to access https

sudo service apache2 restart

Follow-up update acme.sh method

acme.sh --upgrade

Configuring Let’s Encrypt free wildcard SSL certificate on Ubuntu using acme.sh

Your support will encourage us to be creative continuously!

Use [WeChat] Scan QR code for Appreciation

Use [Alipay] Scan QR code for Appreciation

Jumping to PayPal...
赞(0)
Please indicate the source:Esiry » Configuring Let’s Encrypt free wildcard SSL certificate on Ubuntu using acme.sh

Comment 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址