![](\"https:\/\/i.yimenyun.net\/2023-03\/31\/17\/34908214145.jpg\")
<\/figure>\n<\/p>\n\u9a8c\u8bc1\u7f51\u7ad9\u7684\u8eab\u4efd\u5e76\u52a0\u5bc6\u6570\u636e\u4f20\u8f93\u3002\u901a\u8fc7SSL\u8bc1\u4e66\uff0c\u53ef\u4ee5\u786e\u4fdd\u7f51\u7ad9\u548c\u7528\u6237\u4e4b\u95f4\u7684\u901a\u4fe1\u662f\u5b89\u5168\u7684\u3002SSL\u8bc1\u4e66\u5305\u62ec\u516c\u94a5\u3001\u79c1\u94a5\u548c\u8bc1\u4e66\u7b7e\u540d\u7b49\u4fe1\u606f\uff0c\u53ef\u4ee5\u901a\u8fc7\u52a0\u5bc6\u7b97\u6cd5\u4fdd\u969c\u6570\u636e\u7684\u5b89\u5168\u4f20\u8f93\u3002<\/p>\n
\u4e8c\u3001\u514d\u8d39SSL\u8bc1\u4e66\u7533\u8bf7<\/p>\n
1. \u83b7\u53d6\u514d\u8d39SSL\u8bc1\u4e66<\/p>\n
\u76ee\u524d\uff0cLet’s Encrypt\u662f\u4e00\u5bb6\u63d0\u4f9b\u514d\u8d39SSL\u8bc1\u4e66\u7684\u7ec4\u7ec7\u3002\u901a\u8fc7\u5b98\u7f51\u53ef\u4ee5\u7533\u8bf7\u5230\u6709\u6548\u671f\u4e3a90\u5929\u7684\u514d\u8d39SSL\u8bc1\u4e66\u3002<\/p>\n
2. \u5b89\u88c5Certbot<\/p>\n
Certbot\u662f\u4e00\u4e2a\u81ea\u52a8\u5316\u7684\u5de5\u5177\uff0c\u53ef\u4ee5\u65b9\u4fbf\u5730\u7533\u8bf7\u3001\u5b89\u88c5\u548c\u914d\u7f6eSSL\u8bc1\u4e66\u3002\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u547d\u4ee4\u5b89\u88c5\uff1a<\/p>\n
“`<\/p>\n
sudo apt-get update<\/p>\n
sudo apt-get install certbot python-certbot-apache<\/p>\n
“`<\/p>\n
3. \u7533\u8bf7\u8bc1\u4e66<\/p>\n
\u901a\u8fc7\u4ee5\u4e0b\u547d\u4ee4\u7533\u8bf7\u8bc1\u4e66\uff1a<\/p>\n
“`<\/p>\n
sudo certbot –apache -d example.com -d www.example.com<\/p>\n
“`<\/p>\n
\u5176\u4e2d\uff0cexample.com\u662f\u4f60\u7684\u57df\u540d\uff0c\u53ef\u4ee5\u6dfb\u52a0\u591a\u4e2a\u57df\u540d\uff0c\u7528\u7a7a\u683c\u5206\u9694\u3002<\/p>\n
4. \u9a8c\u8bc1\u8bc1\u4e66<\/p>\n
Certbot\u4f1a\u81ea\u52a8\u5b8c\u6210\u8bc1\u4e66\u7684\u7533\u8bf7\u548c\u5b89\u88c5\uff0c\u4f46\u9700\u8981\u9a8c\u8bc1\u8bc1\u4e66\u7684\u6709\u6548\u6027\u3002\u53ef\u4ee5\u901a\u8fc7\u8bbf\u95eehttps:\/\/example.com\u6765\u9a8c\u8bc1\u8bc1\u4e66\u662f\u5426\u751f\u6548\u3002<\/p>\n
\u4e09\u3001\u914d\u7f6eSSL\u8bc1\u4e66<\/p>\n
1. Apache\u914d\u7f6e<\/p>\n
\u5728\u5b89\u88c5Certbot\u65f6\uff0c\u5df2\u7ecf\u81ea\u52a8\u914d\u7f6e\u4e86Apache\u670d\u52a1\u5668\u7684SSL\u8bc1\u4e66\u3002\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u547d\u4ee4\u67e5\u770b\u8bc1\u4e66\u4fe1\u606f\uff1a<\/p>\n
“`<\/p>\n
sudo apachectl -t -D DUMP_CERTS<\/p>\n
“`<\/p>\n
2. Nginx\u914d\u7f6e<\/p>\n
\u5982\u679c\u4f7f\u7528Nginx\u670d\u52a1\u5668\uff0c\u9700\u8981\u624b\u52a8\u914d\u7f6eSSL\u8bc1\u4e66\u3002\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u6b65\u9aa4\u5b8c\u6210\u914d\u7f6e\uff1a<\/p>\n
\uff081\uff09\u5c06\u8bc1\u4e66\u6587\u4ef6\u548c\u79c1\u94a5\u6587\u4ef6\u4e0a\u4f20\u5230\u670d\u52a1\u5668\u3002<\/p>\n
\uff082\uff09\u5728Nginx\u914d\u7f6e\u6587\u4ef6\u4e2d\u6dfb\u52a0\u4ee5\u4e0b\u4ee3\u7801\uff1a<\/p>\n
“`<\/p>\n
server {<\/p>\n
listen 443 ssl;<\/p>\n
server_name example.com;<\/p>\n
ssl_certificate \/path\/to\/fullchain.pem;<\/p>\n
ssl_certificate_key \/path\/to\/privkey.pem;<\/p>\n
…<\/p>\n
}<\/p>\n
“`<\/p>\n
\u5176\u4e2d\uff0cexample.com\u662f\u4f60\u7684\u57df\u540d\uff0c\/path\/to\/fullchain.pem\u548c\/path\/to\/privkey.pem\u5206\u522b\u662f\u8bc1\u4e66\u6587\u4ef6\u548c\u79c1\u94a5\u6587\u4ef6\u7684\u8def\u5f84\u3002<\/p>\n
\uff083\uff09\u91cd\u542fNginx\u670d\u52a1\u5668\u3002<\/p>\n