Calling acme_tiny.py authentication, obtaining, and updating certificates does not require additional dependencies.
Download to Local
wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.conf
wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
chmod +x letsencrypt.sh
Configuration file
Only need to modify Domain_key Domain_dir DOMAINS for your own information
account_key= "Letsencrypt-account.key"
domain_key= "Example.com.key"
Domain_dir= "/var/www/example.com"
Domains= "Dns:example.com,dns:whatever.example.com"
The required key file is generated automatically during execution.
Run
./letsencrypt.sh letsencrypt.conf
Attention
Need to have bound domain name to/var/www/example.com directory, that is, through http://example.com http://whatever.example.com can access to the/var/www/example.com directory, Validation for domain names
See the following information indicating success of build/update
Generate CSR ...
Parsing Account Key ...
Parsing CSR ...
Registering account ...
Already registered!
Verifying www.hdj.me ...
Www.hdj.me verified!
Signing certificate ...
Certificate signed!
New CERT:WWW.CHAINED.CRT has been generated
The build certificate includes
-rw-r–r–1 root root 3.2K Dec 17:04 Letsencrypt-account.key
-rw-r–r–1 root root 17:03 Dec letsencrypt.conf
-rwxr-xr-x 1 root 1.7K Dec 16:57 letsencrypt.sh
-rw-r–r–1 root root 1.7K Dec 00:58 Lets-encrypt-x1-cross-signed.pem
-rw-r–r–1 root root 3.4K Dec 08:38 www.chained.crt
-rw-r–r–1 root root 1.8K Dec 08:38 www.crt
-rw-r–r–1 root root 920 Dec 08:37 WWW.CSR
-rw-r–r–1 root root 1.7K Dec 17:04 Example.com.key
Nginx Configuration
Listen 443 SSL;
SSL_CERTIFICATE/PATH/LETSENCRYPT/WWW.CHAINED.CRT;
Ssl_certificate_key/path/letsencrypt/example.com.key;
Ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
Cron timed Tasks
A certificate is automatically updated once a month, and can be reloaded at the end of the script by adding service Nginx reload.
0 0 1 * */etc/nginx/certs/letsencrypt.sh/etc/nginx/certs/letsencrypt.conf >>/var/log/lets-encrypt.log 2> &1