Taijicoder Wiki

注意：以下都是以ubuntu 16.04 环境为例子, 默认安装好了nginx

systemctl stop nginx

add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install python-certbot-nginx

cd /etc/nginx
mkdir ssl
cd /etc/nginx/ssl
openssl dhparam -out dhparam.pem 2048

certbot certonly --standalone --email <xxx>@<xxxmail.com> -d <xxx>.com -d www.<xxx>.com

server {
       listen 443 ssl http2;
       listen [::]:443 ssl http2;

        ssl_certificate /etc/letsencrypt/live/<xxx>.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/<xxx>.com/privkey.pem;
        ssl_dhparam         /etc/nginx/ssl/dhparam.pem;

        server_name <xxx>.com www.<xxx>.com;
	root /www/<xxx-path>;

        location / {
	      index index.html index.htm;
         }
}

server {
       listen         80;
       listen    [::]:80;
       server_name <xxx>.com www.<xxx>.com;
       return         301 https://$server_name$request_uri;
}

certbot certonly --cert-name example.com -d m.example.com,www.m.example.com