顯示頁面舊版反向連結Fold/unfold all回到頁頂 本頁是唯讀的,您可以看到原始碼,但不能更動它。您如果覺得它不應被鎖上,請詢問管理員。 ==== CentOS 6 ==== - 建立 /root/lets-encrypt/authenticator.sh<code sh> cd /root/lets-encrypt/ wget https://svn.ichiayi.com/opensvn/opentrysoft/certbot/authenticator.sh chmod a+x authenticator.sh </code> - 建立 /root/lets-encrypt/cleanup.sh<code sh> cd /root/lets-encrypt/ wget https://svn.ichiayi.com/opensvn/opentrysoft/certbot/cleanup.sh chmod a+x cleanup.sh</code> - 取得 CloudFlare 的 Zone ID 與 Global API Key 更改 authenticator.sh 與 cleanup.sh 內容<file> : API_KEY="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" EMAIL="xxx@xxx.xxx" ZONE_ID="xxxxxxxxxxxxxxx" : </file>++看 CloudFlare 取得 Zone ID / Global API Key 畫面| {{:tech:2019031501.png}} \\ {{:tech:2019031502.png}} \\ {{:tech:2019031503.png}} \\ {{:tech:2019031504.png}} \\ {{:tech:2019031505.png}}++ - 執行取得 SSL 憑證命令 Exp. erp.ichiayi.com <code sh> /root/lets-encrypt/certbot-auto certonly --manual --preferred-challenges=dns --manual-auth-hook /root/lets-encrypt/authenticator.sh --manual-cleanup-hook /root/lets-encrypt/cleanup.sh -d erp.ichiayi.com </code> * 設定憑證到期自動更新 - 建立 /root/lets-encrypt/renewcert.sh Exp. erp.ichiayi.com <code sh> vi /root/lets-encrypt/renewcert.sh</code><file> /root/lets-encrypt/certbot-auto renew --preferred-challenges=dns --manual-auth-hook /root/lets-encrypt/authenticator.sh --manual-cleanup-hook /root/lets-encrypt/cleanup.sh --agree-tos </file> - 設定執行權限<code sh> chmod a+x /root/lets-encrypt/renewcert.sh </code> - 設定每天 4:30 執行自動檢查一次<code sh> vi /etc/crontab </code><file> : # erp.ichiayi.com SSL cert auto renew 30 4 * * * root /root/lets-encrypt/renewcert.sh > /tmp/certrenew.log </file><code sh> service crond restart </code> tech/ssl_letsencrypt/cf_centos6.txt 上一次變更: 2021/06/23 22:39由 jonathan