git --version
yum install git#检查Python的版本是否在2.7以上
python -v
安装python所需的包
yum install zlib-devel yum install bzip2-devel yum install openssl-devel yum install ncurses-devel yum install sqlite-devel
cd /usr/local/src wget https://www.python.org/ftp/python/2.7.12/Python-2.7.12.tar.xz#解压Python2.7.12
tar -zxvf Python-2.7.12.tar.xz
#编译
python cd Python-2.7.12/ ./configure --prefix=/usr/local/python2.7 make && make install
#建立链接
ln -s /usr/local/python2.7/bin/python2.7 /usr/local/bin/python
git clone https://github.com/letsencrypt/letsencrypt#进入letsencrypt目录
cd letsencrypt#生成证书
./letsencrypt-auto certonly --standalone --email root@itsec.vip -d www.90qj.com -d itsec.vip
./letsencrypt-auto install这个命令是向导命令,可以按照提示输入域名等信息自动配置好nginx或者apache的ssl
第三、Let's Encrypt免费SSL证书获取与应用
privkey.pem - 安全证书KEY文件
#打开linux配置文件,修改HTTPS 443端口配置
<VirtualHost *:443> ServerAdmin root@itsec.vip ServerName www.90qj.com ServerAlias www.90qj.com DocumentRoot /var/www/html/ ErrorLog /var/logs/error.log CustomLog /var/logs/access.log combined SSLCertificateFile /etc/letsencrypt/live/itsec.vip-0006/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/itsec.vip-0006/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/itsec.vip-0006/chain.pem </VirtualHost>至此https配置完成,重启apache服务可以访问https
第四、解决Let's Encrypt免费SSL证书有效期问题
Let's Encrypt证书是有效期90天的,需要我们自己手工更新续期才可以。
/root/letsencrypt/letsencrypt-auto renew
!评论内容需包含中文