Ubuntu +Nginx установка certbot и получение сертификата

sudo apt-get install software-properties-common python-software-properties
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot
sudo certbot certonly

Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
——————————————————————————-
1: Place files in webroot directory (webroot)
2: Spin up a temporary webserver (standalone)
——————————————————————————-
Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel):
//Отвечаем 1
Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
cancel):ваша@почта с которой регистрировались в letsencrypt

Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree
in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
——————————————————————————-
(A)gree/(C)ancel: a //соглашаемся

Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let’s Encrypt project and the non-profit
organization that develops Certbot? We’d like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
——————————————————————————-
(Y)es/(N)o: // как считаете нужным

Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel): ваши домены через запятую или пробел

1: Enter a new webroot
——————————————————————————-
Press 1 [enter] to confirm the selection (press ‘c’ to cancel): //нажмите 1 и ентер
Input the webroot for ваш_домен.com: (Enter ‘c’ to cancel): /var/www/ваш_домен.com // укажите путь к корню домена

Конфигурационный файл домена
server {
listen 443 ssl;
root /usr/share/nginx/backline.ru;
index index.php index.html index.htm;
server_name backline.ru www.backline.ru;
ssl_certificate /etc/letsencrypt/live/backline.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/backline.ru/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ‘EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH’;
………………..
}

server {
listen 80;
server_name backline.ru www.backline.ru;
return 301 https://$host$request_uri;
}

Добавить комментарий

Ваш e-mail не будет опубликован. Обязательные поля помечены *