2017-4月 免费ssl证书,申请安装。无需注册账号。
首先安装apache ssl模块git clone https://github.com/letsencrypt/letsencryptcd letsencrypt./letsencrypt-auto -d www.youdomain.com报错:Error: Protected multilib versions: openssl-1.0.1e-48.el6_8.4
·
首先安装apache ssl模块
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto -d www.youdomain.com
报错:
Error: Protected multilib versions: openssl-1.0.1e-48.el6_8.4.x86_64 != openssl-1.0.1e-42.el6_7.4.i686再次:
./letsencrypt-auto -d www.youdomain.com报错:
Type: connection
Detail: Failed to connect to 221.236.173.67:443 for TLS-SNI-01
challenge删除/etc/httpd/conf.d/ssl.conf里面的443的默认主机。
再次:
./letsencrypt-auto -d www.youdomain.com警告:
IMPORTANT NOTES:
- Unable to install the certificate
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/www.hualike.net/fullchain.pem. Your cert will
expire on 2017-07-05. To obtain a new or tweaked version of this
certificate in the future, simply run letsencrypt-auto again with
the "certonly" option. To non-interactively renew *all* of your
certificates, run "letsencrypt-auto renew"
忽略他,自己增加一个端口为443的虚拟机,并增加类似下面的配置到这个虚拟机:
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.youdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.youdomain.com/privkey.pem
重启apache,访问你的网站:
没ssl证书警告了,如果你的图和js css之类的也走https的话,浏览器地址栏将显示绿色的锁。
证书有效期3个月,3个月后你需要renew。
已经可以用于adhoc安装ipa了,safari不会警告 无法连接到“www.youdomain.com”了。
开放原子开发者工作坊旨在鼓励更多人参与开源活动,与志同道合的开发者们相互交流开发经验、分享开发心得、获取前沿技术趋势。工作坊有多种形式的开发者活动,如meetup、训练营等,主打技术交流,干货满满,真诚地邀请各位开发者共同参与!
更多推荐
0
0- 0
已为社区贡献1条内容
所有评论(0)