免費https證書製作

0.環境

系統：centos6.5

服務器：Apache/2.4.17

1.安裝

wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
./certbot-auto

2.配置

修改./apache/config/httpd.conf

爲正確的ServerName

ServerName www.ddbaodai.com:80

修改或添加下列配置./apache/config/extra/httpd-vhost.conf

需要先註釋掉SSL相關的配置防止出錯

<VirtualHost *:443>
    DocumentRoot "/DocumentRoot"
    ServerName xxx.com
    ServerAlias www.xxxx.com
#    SSLEngine on
#    SSLCertificateFile /etc/letsencrypt/live/www.xxx.com/fullchain.pem
#    SSLCertificateKeyFile /etc/letsencrypt/live/www.xxx.com/privkey.pem
    <Directory "/DocumentRoot">
        RewriteEngine on

        RewriteBase /
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteCond %{REQUEST_URI} !=/favicon.ico
        RewriteRule ^ index.php [L]
        Options -Indexes +FollowSymLinks

        AllowOverride None
        Require all granted
    </Directory>

</VirtualHost>

重啓apache

service httpd restart 

或者./apache/bin/apachectl restart

3.獲取證書

./certbot-auto certonly --email [email protected] --agree-tos --webroot -w /www -d www.xxx.com

正常情況下證書會存在 /etc/letsencrypt/live/www.xxx.com目錄中

然後放開./apache/config/extra/httpd-vhost.conf中的SSL相關配置

重啓apache