certbot--apache

在python2.7的基础之上
使用certbot来安装网站证书支持https
官网教程 https://certbot.eff.org/
安装包 wget https://dl.eff.org/certbot-auto
nginx 网站下
首先得有virtualhost 配置虚拟站点，启用Namevirtualhost监听433端口
apache采用的yum安装

vim /etv/httpd/conf/httpd.conf
Listen 443
NameVirtualHost *:443

在/etc/httpd/conf.d 添加虚拟站点配置文件
virtual.conf

<Virtualhost *:80>
        DocumentRoot /var/www/html/abc
        ServerName abc.wang.com
       <Directory "/var/www/html/abc">
            Options Indexes FollowSymLinks
            DirectoryIndex index.html
            AllowOverride All
            Order allow,deny
            Allow from all
        </Directory>
    RewriteEngine on   #1 123为certbot自创添加
    RewriteCond %{SERVER_NAME} =abc.wang.tv #2
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,NE,R=permanent] #3
    </virtualhost>

./certbot-auto --apache certonly
证书完成后
在/etc/letsencrypt/live/abc.wang.com目录下有

cert.pem  chain.pem  fullchain.pem  privkey.pem  README

这时在/etc/httpd/conf.d目录下多了几个文件

virtual.conf  virtual-le-ssl.conf  README  ssl.conf    welcome.conf

ssl.conf

#
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these 
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
# 
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.  
#

LoadModule ssl_module modules/mod_ssl.so

#
# When we also provide SSL we have to listen to the 
# the HTTPS port in addition.
#
Listen 443

##
##  SSL Global Context
##
##  All SSL configuration in this context applies both to
##  the main server and all SSL-enabled virtual hosts.
##

#   Pass Phrase Dialog:
#   Configure the pass phrase gathering process.
#   The filtering dialog program (`builtin' is a internal
#   terminal dialog) has to p