在服务器上生成SSL证书并部署至Nginx

First Post:

Last Update:

获取环境与项目

1
2
3
apt install socat -y

git clone https://github.com/acmesh-official/acme.sh.git

生成证书并导入到Nginx

1
2
3
4
5
6
7
8
9
10
11
cd .acme.sh

./acme.sh --install -m intro-iu@outlook.com

export CF_Key="" && export CF_Email=""

./acme.sh --issue --dns dns_cf -d intro-iu.top -d *.intro-iu.top

mkdir /etc/nginx/ssl

./acme.sh --installcert -d intro-iu.top --keypath /etc/nginx/ssl/intro-iu.top.key --fullchainpath /etc/nginx/ssl/intro-iu.top.cer

更改Nginx配置使证书生效

1
vim /etc/nginx/nginx.conf

在SSL区块中添加一下两行

1
2
3
ssl_certificate ssl/intro-iu.top.cer;

ssl_certificate_key ssl/intro-iu.top.key;

重启Nginx

1
2
3
nginx -t

systemctl reload nginx