|
Let's Encrypt morning received the message, he said even before the application has passed, then immediately begin trial. Let's Encrypt is a new digital certificate authentication mechanism that eliminates the complexity of creating and installing certificates through an automated process for sites that offer free SSL / TLS certificate.
Let's Encrypt using the following procedure:
Get the client and perform
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto --agree-dev-preview --server \
https://acme-v01.api.letsencrypt.org/directory auth
Select authentication method
After install some dependencies, Let's Encrypt TUI interface will pop asked to choose authentication: manual or independence. Here in order to save, choose independently certified.
Then enter Email Address
Agree to the license agreement
Enter the domain name
Here, the input linuxtoy.org and www.linuxtoy.org, multiple domain names using commas or spaces.
carry out
When you see the following message stating that the certificate has been successfully completed:
-! Congratulations Your certificate and chain have been saved at
/etc/letsencrypt/live/linuxtoy.org/fullchain.pem. Your cert will
expire on 2016-01-25. To obtain a new version of the certificate in
the future, simply run Let's Encrypt again.
Let's Encrypt authentication information stored in / etc / letsencrypt directory.
Then, in two rows in the following NGINX profile can be set to the actual path of the Let's Encrypt:
ssl_certificate /etc/letsencrypt/live/linuxtoy.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/linuxtoy.org/privkey.pem;
It is worth noting that the current Let's Encrypt the certificate is valid for 90 days, after which you need to manually renew. Furthermore, when requesting the certificate authentication have frequency limits. Overall, the certificate authentication process is very easy, and it is free, so this need of a friend try. |
|
|
|