1.获取certbot-auto
wget https://dl.eff.org/certbot-auto
2.添加执行权限
chmod a+x certbot-auto
3.自动下载和安装环境需要的组件
./certbot-auto --apache certonly
4.生成域名所需要的证书(红色部分为网站访问的路径和需要生成证书的域名)
./certbot-auto certonly --email 123456@qq.com --agree-tos --webroot -w /www/web/blxz/public_html -d blxz.qq.cn
5.生成的路径应该是(应该是四个证书文件):
/etc/letsencrypt/live/blxz.qq.com/privkey.pem
6.配置apache文件(vhost的域名配置文件.conf)
<VirtualHost *:443>DocumentRoot /www/web/blxz/public_htmlServerName blxz.qq.comServerAlias blxz.qq.comErrorDocument 400 /errpage/400.htmlErrorDocument 403 /errpage/403.htmlErrorDocument 404 /errpage/404.htmlSSLEngine onSSLCertificateFile ?????????/etc/letsencrypt/live/blxz.qq.com/cert.pemSSLCertificateKeyFile ??????/etc/letsencrypt/live/blxz.qq.com/privkey.pemSSLCertificateChainFile ????/etc/letsencrypt/live/blxz.qq.com/chain.pemphp_admin_value open_basedir /www/web/blxz:/tmp<IfModule mod_deflate.c>DeflateCompressionLevel 7AddOutputFilterByType DEFLATE text/html text/plain text/xml application/x-httpd-phpAddOutputFilter DEFLATE css js html htm gif jpg png bmp php</IfModule></VirtualHost><Directory /www/web/blxz> ???Options FollowSymLinks ???AllowOverride All ???Order allow,deny ???Allow from all</Directory>
7.重启apache配置
service httpd restart
注意:certbot Let‘s Encrypt永久免费但需要90天激活一次续约
linux使用certbot 自己生成证书apache版
原文地址:https://www.cnblogs.com/feimengv/p/8391494.html