Ubuntu Nginx installation Certbot (Letsencrypt)

Source: Internet
Author: User
Tags certbot letsencrypt

https://certbot.eff.org

To the above site follow the steps to install Certbot,

After the installation is complete, Certbot generates a certificate in two ways

The first type: certonly mode, Certbot will start the own nginx (if the server already has nginx, need to stop the existing nginx) to generate certificates

Certbot certonly--standalone-d example.com-d www.example.com

The second type: Webroot mode,

Certbot will generate random files to the given directory (the Web directory of Nginx configuration)/.well-known/acme-challenge/目录里面,

and generate the certificate through the Nginx validation random file that has been started.

Certbot certonly--webroot-w /usr/local/nginx/html-d logan.ren-d llcv.pw-w /var/www/thing-d thing.i S-d m.thing.is

-W nginx.conf Server configuration of the Web directory, both generating a directory of randomly verified files

-D nginx.conf in server_name;

Finally, if you want to renew

Certbot Renew--dry-run

= = above Certbot complete, the following is about the installation of Nginx =

Install Nginx before installing the required components

sudo Install libpcre3 libpcre3-dev libpcrecpp0 libssl-dev Zlib1g-dev

Download Nginx

wget http://nginx.org/download/nginx-1.13.0.tar.gz

Decompression Nginx

tar -zxvf nginx-1.13. 0. tar. gz

Compiling Nginx

./configure--with-http_ssl_module

Make && make install

or a custom configuration

./configure \
--sbin-path=/opt/nginx/nginx \
--conf-path=/opt/nginx/nginx.conf \
--pid-path=/opt/nginx/nginx.pid \
--with-http_ssl_module \
--with-pcre=/usr/local/src/pcre \
--with-zlib=/usr/local/src/zlib \
--with-openssl=/usr/local/src/openssl

Make && make install

Start Nginx

Soft-chain Nginx Ln -s/usr/local/nginx/sbin/nginx/usr/local/bin/nginx start Nginx

To view ports:

Netstat-ano|grep 80

To see if a module is installed

Dpkg-l | grep openss

nginx.conf Configuration

Server {Listen the;        server_name Logan.ren LLCV.PW WWW.LLCV.PW; Location~ /{proxy_pass http://logan.ren:5050;} Location^~/.well-known/acme-challenge/{Default_type"Text/plain"; Root/usr/local/nginx/html} Location=/.well-known/acme-challenge/{return404; }} server {Listen443SSL;        server_name Logan.ren, LLCV.PW; Ssl_certificate/etc/letsencrypt/live/logan.ren/Fullchain.pem; Ssl_certificate_key/etc/letsencrypt/live/logan.ren/Privkey.pem; Ssl_trusted_certificate/etc/letsencrypt/live/logan.ren/Chain.pem; # Ssl_dhparam/etc/nginx/tls1.2/Dhparam.pem; Ssl_protocols TLSv1 TLSv1.1TLSv1.2; # ssl_ciphers"Eecdh+aesgcm:edh+aesgcm:aes256+eecdh:aes256+edh"; Location/www/{root/opt/llc/www/LLCV;        Index index.html; } Location~ /{proxy_pass http://logan.ren:5050;        }    }

Ubuntu Nginx installation Certbot (Letsencrypt)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.