Oneinstack automatically deploy let ' s encrypt certificate

Let's encrypt is a joint project initiated by the Electronic Outpost Foundation, the Mozilla Foundation, Akamai, the University of Michigan and Cisco. It is designed to provide a free, fully automated certificate application process for webmasters so that the entire Internet can enjoy HTTPS encryption. Let's encrypt certificate application process is simple, secure, fast, automated, and free. Let ' s encrypt is an intermediate CA whose CA certificate is issued by Identrust. Identrust is a root CA that is trusted by all major browsers. Since October 2015, let's encrypt's intermediate CA certificate has been trusted by Chrome, Firefox, Microsoft Edge, Safari and opera.

Recently, the official has made the adjustment, simplifies obtains the certificate the difficulty, and has changed the project name to Certbot, formerly called Letsencrypt. Certbot can automate the application, installation, and updating of certificates.

Oneinstack has built-in let's encrypt,vhost.sh binding domain name automatic request, binding, automatic renewal (default 90 days) one-step, the tutorial is as follows:

wget http://mirrors.linuxeye.com/oneinstack.tar.gz
Tar xzf oneinstack.tar.gz
CD Oneinstack
./addons.sh

The following figure:

The appearance of Green let's Encrypt client install successfully! means Certbot installation is successful, as shown in the following figure:

Using certificates

vhost.sh bound domain SSL Select Y,let ' s encrypt select Y


1../vhost.sh

Attention matters


• Binding the domain name will automatically add the corresponding automatic renewal script in Crontab

• A maximum of 10 domain names for the same IP within 3 hours

• Within seven days of the same root domain, only 5 certificates can be registered. The same child domain name registration or update is calculated by the number of