acme.sh配置证书

define9 Lv2
  2024-10-16 21:31:22 2024-10-16 21:31 创建   2024-10-16 22:14:29 2024-10-16 22:14 更新    

安装

1
2
3
4
5
6
7
curl  https://get.acme.sh | sh
cd 
acme.sh --register-account -m xxx@xx.com
./acme.sh --dns --issue -d syhu.com.cn --yes-I-know-dns-manual-mode-enough-go-ahead-please
# 添加完dns的txt解析后,提示用renew重新执行
./acme.sh --dns --renew -d syhu.com.cn --yes-I-know-dns-manual-mode-enough-go-ahead-please
# 提示证书文件位置

Nginx配置

案例:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
# include /etc/nginx/conf.d/*.conf;

server {
	server_name x6.a.com x.a.com;
	
	# SSL configuration
	listen 443 ssl;
	listen [::]:443 ssl;
    
    # cer / crt证书文件 证书文件 key的路径
    ssl_certificate /path/syhu.com.cn.cer;
    ssl_certificate_key /path/syhu.com.cn.key;
    
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;
	
	# Load configuration files for the default server block.
	# include /etc/nginx/default.d/*.conf;
	
	location / {
		proxy_pass http://alist;
		#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header Range $http_range;
		proxy_set_header If-Range $http_if_range;
		proxy_redirect off;
		
		#the max size of file to upload
		client_max_body_size 20000m;
	}
}
  • 标题: acme.sh配置证书
  • 作者: define9
  • 创建于: 2024-10-16 21:31:22
  • 更新于: 2024-10-16 22:14:29
  • 链接: https://github.com/define9/2024/10/16/acme-sh配置证书/
  • 版权声明: 本文章采用 CC BY-NC-SA 4.0 进行许可。
 评论
此页目录
acme.sh配置证书
  1. 安装
  2. Nginx配置