nginx acme自动续期
Last updated on May 22, 2025 am
🧙 Questions
使用acme.sh自动续期
☄️ Ideas
acme.sh安装
cd /tmp
git clone https://gitee.com/ispong/acme.sh.git
cd /tmp/acme.sh
./acme.sh --install -m ispong@outlook.com
source /root/.acme.sh/acme.sh.env
acme.sh -v
rm -rf /tmp/acme.sh常用命令
要给nginx提前配置路径
mkdir -p /var/www/html
vim /etc/nginx/nginx.confserver {
listen 80;
listen [::]:80;
server_name zhiliuyun.isxcode.com;
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location / {
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name zhiliuyun.isxcode.com;
ssl_certificate "/data/nginx/ssl/zhiliuyun.isxcode.com.pem";
ssl_certificate_key "/data/nginx/ssl/zhiliuyun.isxcode.com.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://172.20.78.84:3000/;
}
location = /baidu_verify_codeva-1ga4Cw4GxC.html {
alias /tmp/baidu_verify_codeva-1ga4Cw4GxC.html;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}acme.sh --set-default-ca --server letsencrypt
# 申请许可证
acme.sh --issue -d zhiliuyun.isxcode.com -w /var/www/html
acme.sh --list
# 查看定时器
cat /var/spool/cron/root重新指向路径
acme.sh --install-cert -d zhiliuyun.isxcode.com \
--key-file /data/nginx/ssl/zhiliuyun.isxcode.com.key \
--fullchain-file /data/nginx/ssl/zhiliuyun.isxcode.com.pem \
--reloadcmd "nginx -s reload"删除许可证
acme.sh --list
# acme.sh --remove -d zhiliuyun.isxcode.com刷新许可证
acme.sh --renew -d zhiliuyun.isxcode.com --force
acme.sh --renew-all🔗 Links
nginx acme自动续期
https://ispong.isxcode.com/vue/nginx/nginx acme自动续期/