1. Get Certbot-auto
wget Https://dl.eff.org/certbot-auto
2. Add Execute Permissions
chmod a+x Certbot-auto
3. Automatically download and install the required components for your environment
./certbot-auto--apache Certonly
4. The certificate required to generate the domain name (the red part is the path to the site access and the domain name that requires the certificate to be generated)
./certbot-auto certonly--email [email protected]--agree-tos--webroot-w /www/web/blxz/public_html -D b lxz.qq.cn
5. The generated path should be (should be four certificate files):
/etc/letsencrypt/live/blxz.qq.com/privkey.pem
6. Configure the Apache file (vhost domain name profile. conf)
<virtualhost *:443>DocumentRoot/www/web/blxz/public_htmlservername blxz. QQ.Comserveralias blxz. QQ.comerrordocument400/errpage/400.htmlerrordocument403/errpage/403.htmlerrordocument404/errpage/404.Htmlsslengine Onsslcertificatefile/etc/letsencrypt/live/blxz.qq.com/cert.Pemsslcertificatekeyfile/etc/letsencrypt/live/blxz.qq.com/privkey.Pemsslcertificatechainfile/etc/letsencrypt/live/blxz.qq.com/chain.Pemphp_admin_value Open_basedir/www/web/blxz:/tmp<ifmodule mod_deflate.c>Deflatecompressionlevel7addoutputfilterbytype DEFLATE Text/html Text/plain Text/xml application/x-httpd-phpaddoutputfilter DEFLATE css js html htm gif jpg png bmp PHP</IfModule></VirtualHost><Directory/www/web/blxz>Options followsymlinks allowoverride all Order allow,deny allow from all</Directory>
7. Restart Apache Configuration
Service httpd Restart
Note: Certbot Let's encrypt is permanently free but requires 90 days to activate a renewal
Linux uses Certbot to generate its own certificate Apache version