no way to compare when less than two revisions
| |
| — | tech:ssl_letsencrypt:cf_centos6 [2021/06/23 22:39] (目前版本) – 建立 jonathan |
|---|
| | ==== CentOS 6 ==== |
| | - 建立 /root/lets-encrypt/authenticator.sh<code sh> |
| | cd /root/lets-encrypt/ |
| | wget https://svn.ichiayi.com/opensvn/opentrysoft/certbot/authenticator.sh |
| | chmod a+x authenticator.sh |
| | </code> |
| | - 建立 /root/lets-encrypt/cleanup.sh<code sh> |
| | cd /root/lets-encrypt/ |
| | wget https://svn.ichiayi.com/opensvn/opentrysoft/certbot/cleanup.sh |
| | chmod a+x cleanup.sh</code> |
| | - 取得 CloudFlare 的 Zone ID 與 Global API Key 更改 authenticator.sh 與 cleanup.sh 內容<file> |
| | : |
| | API_KEY="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" |
| | EMAIL="[email protected]" |
| | ZONE_ID="xxxxxxxxxxxxxxx" |
| | : |
| | </file>++看 CloudFlare 取得 Zone ID / Global API Key 畫面| {{:tech:2019031501.png}} \\ {{:tech:2019031502.png}} \\ {{:tech:2019031503.png}} \\ {{:tech:2019031504.png}} \\ {{:tech:2019031505.png}}++ |
| | - 執行取得 SSL 憑證命令 Exp. erp.ichiayi.com <code sh> |
| | /root/lets-encrypt/certbot-auto certonly --manual --preferred-challenges=dns --manual-auth-hook /root/lets-encrypt/authenticator.sh --manual-cleanup-hook /root/lets-encrypt/cleanup.sh -d erp.ichiayi.com |
| | </code> |
| | * 設定憑證到期自動更新 |
| | - 建立 /root/lets-encrypt/renewcert.sh Exp. erp.ichiayi.com <code sh> |
| | vi /root/lets-encrypt/renewcert.sh</code><file> |
| | /root/lets-encrypt/certbot-auto renew --preferred-challenges=dns --manual-auth-hook /root/lets-encrypt/authenticator.sh --manual-cleanup-hook /root/lets-encrypt/cleanup.sh --agree-tos |
| | </file> |
| | - 設定執行權限<code sh> |
| | chmod a+x /root/lets-encrypt/renewcert.sh |
| | </code> |
| | - 設定每天 4:30 執行自動檢查一次<code sh> |
| | vi /etc/crontab |
| | </code><file> |
| | : |
| | # erp.ichiayi.com SSL cert auto renew |
| | 30 4 * * * root /root/lets-encrypt/renewcert.sh > /tmp/certrenew.log |
| | </file><code sh> |
| | service crond restart |
| | </code> |
| |