只要能够自己配置域名的dns就可以使用 Let’s Encrypt 申请免费的 ssl证书,而且还支持通配符和多域名证书,非常强大。
1.安装工具
centos
# 安装依赖
yum -y install yum-utils
yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
# 安装证书工具
yum install certbot
macos
# 安装brew
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
# 安装证书工具
brew install certbot
2.获取证书
sudo certbot certonly --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory
# 根据提示输入域名、配置dns
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel):
# 这里申请了两个通配符域名
*.cdn.example.com *.example.co