dxin/Work-configuration-file
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Work-configuration-file/nginx/证书/自签名证书.conf
dxin 0e593caf99 初始化提交
2025-10-07 15:58:15 +08:00

42 lines
1.6 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 访问账户注册页面注册一个ZeroSSL账户https://app.zerossl.com/signup
# 获取账户的EAB凭证用来注册acme帐户https://app.zerossl.com/developer ,生成并保存EAB KID、EAB HMAC Key
# EAB KID: 0LMQmCsN7JfTiUGSBlt92A
# EAB HMAC Key: 0f7MrdOiBgoWO-KUDYvOjdebphcbJM6yL1l1fswh70girLlnp5iayptXf83QGm1JUMpZCTXAER87k3HPuDYxjw
# 安装 acme.sh
curl https://get.acme.sh | sh
source ~/.bashrc
# 注册 ZeroSSL 账户
acme.sh --register-account --server zerossl \
--eab-kid 你的eab-kid \
--eab-hmac-key 你的eab-hmac-key
# 设置你的 DNS 提供商的 API比如 Cloudflare需要 API Key
export CF_Account_ID="630ec20446f17247191cbaec23d8af61"
export CF_Key="ran6bGxXpJ1Df-uZFPFAgfRRcgz_Us4hd0e_e_kO"
export CF_Email="Dinxinchen@gmail.com"
# 申请证书DNS 验证方式,不需要公网 IP,过程可能提示无法添加dns TXT 解析,按提示手动添加也可以
acme.sh --issue --dns dns_cf -d sit.lessie.ai
#证书申请成功后acme.sh 会将证书文件存放在以下目录:
#证书文件:/root/.acme.sh/sit.lessie.ai_ecc/sit.lessie.ai.cer
#私钥文件:/root/.acme.sh/sit.lessie.ai_ecc/sit.lessie.ai.key
#完整证书链文件:/root/.acme.sh/sit.lessie.ai_ecc/fullchain.cer
# nginx配置具体路径具体写
ssl_certificate /data/tengine/conf/certificate/lessie.ai/fullchain.cer;
ssl_certificate_key /data/tengine/conf/certificate/lessie.ai/sit.lessie.ai.key;
# 查询证书有效期
openssl x509 -in /etc/nginx/ssl/fullchain.cer -noout -dates
# 手动续期
acme.sh --renew -d sit.lessie.ai
Reference in New Issue View Git Blame Copy Permalink