用certbot申请https证书

安装certbot

yum install epel-release
yum install snapd
systemctl enable --now snapd.socket
ln -s /var/lib/snapd/snap /snap
snap install --classic certbot

#以上内容借鉴博客
https://blog.csdn.net/qq_27346503/article/details/114188857

申请证书

nginx -s stop #申请之前一定要停掉nginx
certbot certonly --standalone --email '1067063075@qq.com' -d 'www.readmore.run' #这一步会申请到证书，待会需要将证书路径copy到nginx配置中

配置证书

server {
        listen 443 ssl;
        server_name www.readmore.com;#也可以写成localhost

        ssl_certificate /etc/letsencrypt/live/www.readmore.run/fullchain.pem; #申请到的证书路径
        ssl_certificate_key /etc/letsencrypt/live/www.readmore.run/privkey.pem; #申请到的证书路径
        ssl_session_timeout 5m;
        location / {
                root /home/vue-demo/vue-demo;
                index index.html index.htm;
        }

        location /api/ {
                    proxy_pass   http://121.224.72.137:8081/;
                    client_max_body_size  1024m;
        }

    }
    
#如果需要将http默认的80端口访问，重定向到443端口(https)，可以采取如下配置：
server_name  www.readmore.run;
rewrite ^(.*) https://${server_name}$1 permanent;

重启nginx（配置生效）

如果再重启nginx时出现如下错误：

nginx: [emerg] unknown directive “ssl” in /usr/local/nginx/conf/nginx.conf:84

#分析原因
nginx -V
看下是不是缺少configure arguments: --with-http_ssl_module
#解决办法
cd nginx-1.20.1/
./configure --with-http_ssl_module
make
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx_bak
cp ./objs/nginx /usr/local/nginx/sbin/
#查看是否ok
nginx -V
configure arguments: --with-http_ssl_module#出现这个表示ok了！！！