From 166fe887c8efa639694296a635212a48a5d40f7a Mon Sep 17 00:00:00 2001 From: kev Date: Fri, 6 May 2016 15:03:51 +0800 Subject: [PATCH] update letsencrypt --- letsencrypt/README.md | 31 ++++++++++++++++++++++++++----- 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/letsencrypt/README.md b/letsencrypt/README.md index 7a1a655..aca277b 100644 --- a/letsencrypt/README.md +++ b/letsencrypt/README.md @@ -27,9 +27,9 @@ $ systemctl stop nginx # generate keys $ docker-compose run --rm --service-ports letsencrypt >>> email: admin@easypi.info ->>> domains: easypi.info,bbs.easypi.info,blog.easypi.info,wiki.easypi.info +>>> domains: easypi.info,blog.easypi.info,wiki.easypi.info -# copy keys +# deploy keys $ mkdir -p /etc/nginx/ssl/ $ cp ./etc/letsencrypt/live/easypi.info/fullchain.pem /etc/nginx/ssl/easypi.info.crt $ cp ./etc/letsencrypt/live/easypi.info/privkey.pem /etc/nginx/ssl/easypi.info.key @@ -56,10 +56,31 @@ server { $ systemctl start nginx ``` +You can also generate keys without docker. + +```bash +# install +apt install build-essential dialog libffi-dev libssl-dev python2.7-dev +curl -sSL https://bootstrap.pypa.io/get-pip.py | python2 +pip2 install letsencrypt + +# generate +letsencrypt certonly --standalone -d easypi.info -d blog.easypi.info -d wiki.easypi.info + +# deploy +mkdir -p /etc/nginx/ssl +cp /etc/letsencrypt/live/easypi.info/fullchain.pem /etc/nginx/ssl/easypi.info.crt +cp /etc/letsencrypt/live/easypi.info/privkey.pem /etc/nginx/ssl/easypi.info.key + +# renew +letsencrypt renew +``` + ## references -- https://letsencrypt.readthedocs.org/en/latest/using.html#running-with-docker -- https://docs.docker.com/compose/reference/run/ -- http://nginx.org/en/docs/http/configuring_https_servers.html +- +- +- +- [1]: https://letsencrypt.org/