标签：

安置Cerbot

sudo apt-get update sudo apt-get install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install python-certbot-nginx

使用Cerbot中的Nginx插件（自动版，可能会不行）

sudo certbot --nginx 此命令将自动获取证书并且Certbot会编纂Nginx配置并完成所有事情，， 只需在命令运行期间按照命令的提示输入你要配置SSL的域名即可。

如果想自界说Nginx配置，则使用certonly子命令即可。 sudo certbot --nginx certonly

改削Nginx的配置文件

. . . server_name example.com ; . . .

检测Nginx配置是否正确

sudo nginx -t

　

重启Nginx

sudo systemctl restart nginx

###获取SSL证书

sudo certbot --nginx -d 本身的域名

若告成则输出信息如下：

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you’re confident your site works on HTTPS. You can undo this change by editing your web server’s configuration. Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel):

输入选择后输出信息如下：

IMPORTANT NOTES: Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/example.com/fullchain.pem. Your cert will expire on 2017-10-23. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the “certonly” option. To non-interactively renew all of your certificates, run “certbot renew” Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. If you like Certbot, please consider supporting our work by: Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le

这样SSL证书就配置告成了，在浏览器以https开头尝尝能否告成访谒即可。　　

自动更新证书期限

Certbot供给的证书期限为90天，执行此命令可自动续订证书。 sudo certbot renew --dry-run

如果没有报错，Certbot就会自动帮你更新证书并重载Nginx；如果更新掉败，Let‘s Encrypt网站会发送一封邮件到你填入的邮箱奉告详细情况。

此外再保举一个很好的有各类处事器相关配置教程的网站：
DigitalOcean
此中也有详细的为Ubuntu 16.04下Nginx配置SSL证书的英文教程：
How To Secure Nginx with Let’s Encrypt on Ubuntu 16.04

原文链接：https://blog.csdn.net/m0_38025747/article/details/80602651

　　

Ubuntu 16.04——配置Nginx及Https处事

标签：

原文地点：https://www.cnblogs.com/weidaijie/p/12188290.html