网上的一些关于ubuntu配合let's encrypt的文章已经过时了,ubuntu14已经不再支持使用apt-get的方式来安装certbot。
1. 下载certbot
wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /usr/local/bin/certbot
sudo chown root /usr/local/bin/certbot
sudo chmod 0755 /usr/local/bin/certbot
2. 配置certbot
certbot
按照页面中显示的要求依次输入邮箱、域名等即可。
3. 配置nginx
配置nginx的conf文件如下
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
root /usr/share/nginx/html;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
ssl_certificate /etc/letsencrypt/live/poct.zjubme307.cn/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/poct.zjubme307.cn/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
listen [::]:443 ssl ipv6only=on;
重启nginx即可。