1、Enable EPEL repo(可能会执行出现错误,但是没关系,继续后续的步骤2~5)
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
2、Enable the optional channel
yum -y install yum-utils
yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
3、Install Certbot
yum install certbot python2-certbot-nginx
4、Get and install your certificates
1)自动配置nginx证书
certbot --nginx
2)手动配置nginx证书
certbot certonly --nginx
5、Set up automatic renewal(设置自动续期)
0 3 */7 * * certbot renew --renew-hook "nginx -s reload"
-----------------------------------------------END---------------------------------------------------
扩展:
1)通配符域名证书申请
certbot certonly --preferred-challenges dns --manual -d *.hello.tl --server https://acme-v02.api.letsencrypt.org/directory