Centos系统移步:
Nginx + CertBot 配置HTTPS泛域名证书(CentOS)
# 安装nginx
此步省略, 以nginx安装在'/usr/local/nginx-1.23.3'目录为例# 1. 安装certbot
apt-get install certbot python3-certbot-nginx
# 2. 获取证书
# 自动配置, --nginx-server-root指定nginx配置文件目录
certbot --nginx --nginx-server-root /usr/local/nginx-1.23.3/conf
# 指定域名, example.com换成自己的域名
certbot --nginx -d example.com -d www.example.com
# 3. 检测证书
certbot certificates
### certbot renew --dry-run
# 4. 证书自动续约
## 证书续约命令: /usr/bin/certbot renew
## 4.1 编辑定时任务
crontab -e
## 4.2 配置12小时执行一次
0 */12 * * * root test -x /usr/bin/certbot && /usr/bin/certbot renew --quiet
执行完后nginx.conf会自动加上SSL相关配置
常见问题
问题一、第2步获取证书报错:
Error while running nginx -c /usr/local/nginx-1.25.4/conf/nginx.conf -t.
nginx: the configuration file /usr/local/nginx-1.25.4/conf/nginx.conf syntax is ok
2024/03/11 10:42:44 [emerg] 1985275#1985275: open() "/usr/share/nginx/logs/xxx_admin.access.log" failed (2: No such file or directory)
nginx: configuration file /usr/local/nginx-1.25.4/conf/nginx.conf test failed创建/usr/share/nginx/logs目录, 重新执行第2步命令
问题二、执行certbot --nginx --nginx-server-root /usr/local/nginx-1.23.3/conf命令报错:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.",)解决方案:
ln -s /usr/local/nginx-1.23.3/sbin/nginx /usr/bin/nginx
ln -s /usr/local/nginx-1.23.3/conf/ /etc/nginx
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。