使用 Cerbot 免费证书简单升级 http 到 https

1、安装 cerbot:

1 2	git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt

要求：

Python 2.7
Git环境
连接外网

2、运行:

1 2	// 根据自己的需求调整代码 ./certbot-auto certonly --standalone --email admin@example.com -d example.com -d www.example.com -d other.example.net

成功提示:

IMPORTANT NOTES:
Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/sast.nymrli.top/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/sast.nymrli.top/privkey.pem
   Your cert will expire on 2019-02-08. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again. To non-interactively renew *all* of your certificates, run
   "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:

3、配置Nginx:

server 不再监听80端口，因为TLS要使用的是443端口，然后引入证书和key

server
{
    listen 443 ssl;
    server_name sast.nymrli.top;     //这里是你的域名
    index index_page.html;
    root /var/www/homework_submission-master/;        //网站目录
    ssl_certificate   /etc/letsencrypt/live/sast.nymrli.top/fullchain.pem;    //前面生成的证书，改一下里面的域名就行，不建议更换路径
    ssl_certificate_key /etc/letsencrypt/live/sast.nymrli.top/privkey.pem;   //前面生成的密钥，改一下里面的域名就行，不建议更换路径
}

重启Nginx：

1	sudo service nginx restart

OK!

问题解决:

1	Problem binding to port 80: Could not bind to IPv4 or IPv6.

原因是 nginx 占用了80端口，输入service nginx stop。然后再次执行证书安装命令，即可顺利安装。安装完毕后，输入service nginx start，重启 nginx 服务。

使用 Cerbot 免费证书 简单 升级 http 到 https

问题解决:

使用 Cerbot 免费证书简单升级 http 到 https