使用Certbot申请证书
使用certbot申请*通配符证书,使用letsencrypt证书服务,使用DNS方式手动验证
certbot certonly --preferred-challenges dns --manual -d *.test.cn --server https://acme-v02.api.letsencrypt.org/directory
申请过程:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for *.test.cn
Please deploy a DNS TXT record under the name:
_acme-challenge.test.cn.
with the following value:
Zrs3unTYtP3NfuZ9Z43O5ozijIbeh9Rz2ecq5NE1QrA
Before continuing, verify the TXT record has been deployed. Depending on the DNS
provider, this may take some time, from a few seconds to multiple minutes. You can
check if it has finished deploying with aid of online tools, such as the Google
Admin Toolbox: https://toolbox.googleapps.com/apps/dig/#TXT/_acme-challenge.test.cn.
Look for one or more bolded line(s) below the line ';ANSWER'. It should show the
value(s) you've just added.
Press Enter to Continue
创建计划任务自动复制证书文件到指定目录:
0 0 * * * /bin/cp /etc/letsencrypt/live/test.cn/* /opt/ssl/test.cn
手动复制证书文件到指定目录:
cp -f /etc/letsencrypt/live/test.cn/* /opt/ssl/test.cn
转换为PFX格式证书,用于IIS:
openssl pkcs12 -export -out test.com.pfx -in fullchain.pem -inkey privkey.pem
查看所申请的证书信息:
certbot certificates
源文档 https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins
最新文章
- import this, Python 之禅
- matlab列优先与高维矩阵重构 及 CNN 逐层可视化 on Matlab
- matlab中的xcorr 自相关函数
- Hive 实现HBase 数据批量插入
- 记录一下我使用的vim的配置文件
- [转]有关USES_CONVERSION
- jQuery 中的children()和 find() 的区别
- ThreadLocal,ThreadLocalMap,Thread 的相互关系
- andorid
- kvm cobbler无人值守批量安装操作系统
- Rancher安装使用
- 跨站请求伪造(CSRF)-简述
- python笔记之类
- 201421123042 《Java程序设计》第12周
- Linux 安装qt5-designer并集成到Pycharm
- 事件冒泡(event bubbling)与事件捕捉(event capturing)
- vscode实现vue.js项目的过程
- PHP 重置数组为连续数字索引的几种方式
- vue拓展题
- git 命令行下浏览器tig使用记录