一、安装Certbot
系统环境:
Linux 5.7.6-1kali2 (2020-07-01)
$ sudo apt update
$ sudo apt install certbot
二、获取证书
$ sudo certbot --manual --preferred-challenges dns certonly -d youdomain.example.com
# 然后把生成的_acme-challenge的值在域名管理中创建一个txt解析记录,后输入回车继续
# 生成的证书在[/etc/letsencrypt/live/yourdomain/]目录下
生成文件的含义
privkey.pem
: the private key for your certificate.
fullchain.pem
: the certificate file used in most server software.
chain.pem
: used for OCSP stapling in Nginx >=1.3.7.
cert.pem
: will break many server configurations, and should not be used without reading further documentation (see link below).