Centos6.5安装let\'sencryptforxampp

lampp使用Let\'s Encrypt过程记录

Let\'s Encrypt是什么?

Let\'s Encrypt要求站点要有虚拟主机,所以第一步就是把站点直接连接,变为虚拟主机方式。
建立一个文件夹放置虚拟主机配置文件
mkdir /opt/lampp/etc/myVhost

在/opt/lampp/etc/httpd.conf文件末尾添加
httpd.conf:
IncludeOptional etc/myVhost/*.conf

建立虚拟主机配置文件
vi /opt/lampp/etc/myVhost/example.com.conf

example.com.conf:

ServerName example.com
ServerAlias www.example.com
DocumentRoot /opt/lampp/htdocs
ErrorLog /opt/lampp/logs/example.com/error.log


mkdir /opt/lampp/logs/example.com#建立日志目录

虚拟主机配置完,重启lampp
cd /opt/lampp
./lampp restart #也可只单独重启Apache

2.下载let\'s encrypt程序
yum install epel-release #安装环境
yum install git #安装环境
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt#下载到let\'s encrypt到/opt/letsencrypt

3.下载证书
cd /opt/letsencrypt
./certbot-auto certonly --webroot-w/opt/lampp/htdocs -d www.example.com

创新互联建站是一家集网站建设,娄烦企业网站建设,娄烦品牌网站建设,网站定制,娄烦网站建设报价,网络营销,网络优化,娄烦网站推广为一体的创新建站企业,帮助传统企业提升企业形象加强企业竞争力。可充分满足这一群体相比中小企业更为丰富、高端、多元的互联网需求。同时我们时刻保持专业、时尚、前沿,时刻以成就客户成长自我,坚持不断学习、思考、沉淀、净化自己,让我们为更多的企业打造出实用型网站。

#由于lampp是单独配置的环境,所以只下载证书。

证书下载成功会出现下面类似的提示:
IMPORTANT NOTES:
- If you lose your account credentials, you can recover through
e-mails sent to user@example.com.
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/example.com/fullchain.pem. Your cert
will expire on 2016-04-21. To obtain a new version of the
certificate in the future, simply run Let\'s Encrypt again.
- Your account credentials have been saved in your Let\'s Encrypt
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Let\'s
Encrypt so making regular backups of this folder is ideal.
- If you like Let\'s Encrypt, please consider supporting our work by:

Donating to ISRG / Let\'s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

4.配置Apache,其实也就是添加证书位置。
vi /opt/lampp/etc/myVhost/example.com.conf

example.com.conf:

ServerName example.com
ServerAlias www.example.com
DocumentRoot /opt/lampp/htdocs
ErrorLog /opt/lampp/logs/example.com/error.log
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem


5.设置http跳转至https
到第4步,没有意外的话,应该能在浏览器看到小锁了。不想用http,设置一个跳转就行了。

6.let\'s encrypt证书只有90天的期限,所以定期更新证书很有必要,不过还没有实践过,把网上一些资料先copy下来。
crontab -e
30 2 ** 1 /opt/letsencrypt/letsencrypt-auto renew >>/opt/lampp/logs/example.com/le-renew.log#定时每周一 2:30更新证书

7.更新Let’s Encrypt程序,同样没有实践过,先保存。
cd /opt/letsencrypt
git pull


分享文章:Centos6.5安装let\'sencryptforxampp
分享路径:http://hbruida.cn/article/cjjdpi.html