准备工作
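# Enable the EPEL repository and bring the system up to date before
# installing anything else.
sudo yum install -y epel-release
sudo yum update -y

# Install nginx, start it now and enable it at boot.
sudo yum install -y nginx
sudo systemctl start nginx
sudo systemctl enable nginx

# Open HTTP and HTTPS in firewalld. --permanent only edits the stored
# configuration; the reload makes the rules active.
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

# certbot and its nginx plugin.
sudo yum install -y certbot python2-certbot-nginx

# Directory nginx serves ACME HTTP-01 challenge files from.
sudo mkdir -p /var/www/html/.well-known/acme-challenge/
# NOTE(review): this gives the nginx user ownership of (and write access to)
# the whole web root. nginx only needs to read these files; consider keeping
# the tree root-owned and world-readable if nothing requires nginx to write.
# The stray trailing backtick after the path was removed: it opened an
# unterminated command substitution.
sudo chown -R nginx:nginx /var/www/html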
开始申请
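# Pre-flight checks before requesting the certificate.

# The domain must resolve to this server's public address, otherwise the
# HTTP-01 validation request goes elsewhere.
dig docker-registry.icu +short

# The firewall was opened with --add-service=http/https, so the listing shows
# service names rather than port numbers; `grep 80` on --list-all matches
# nothing in that case. List the active services directly and expect to see
# both http and https.
sudo firewall-cmd --list-services

# The challenge directory must exist.
ls -l /var/www/html/.well-known/acme-challenge/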
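# Temporary port-80 server block used while the certificate is requested.
#
# The heredoc delimiter is quoted ('EOF') so the shell writes $host and
# $request_uri literally instead of expanding them; this replaces the
# per-variable backslash escapes.
#
# The redirect lives in `location /` rather than at server level: a
# server-level `return` is evaluated before location matching, which would
# make the ACME challenge location unreachable and redirect validation
# requests to an HTTPS listener that does not exist yet.
sudo tee /etc/nginx/conf.d/docker-registry.conf <<'EOF'
server {
    listen 80;
    server_name docker-registry.icu;

    location /.well-known/acme-challenge/ {
        root /var/www/html;
    }

    location / {
        return 301 https://$host$request_uri;
    }
}
EOF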
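# Reload only when the new configuration passes the syntax check, so a typo
# does not get pushed to the running server.
sudo nginx -t && sudo systemctl reload nginx

# Request the certificate; the nginx plugin also edits the matching server
# block to install it.
sudo certbot --nginx -d docker-registry.icu
验证结果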
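# An empty directory here is normal: challenge files are removed once
# validation finishes.
ls -l /var/www/html/.well-known/acme-challenge/

# certbot started from a shell writes its log under /var/log/letsencrypt by
# default; the journal only has entries if a systemd unit named "certbot"
# actually ran, so check both.
sudo tail -n 50 /var/log/letsencrypt/letsencrypt.log
journalctl -u certbot | tail -n 50
优化配置文件 /etc/nginx/conf.d/docker-registry.conf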
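# Final configuration: redirect all HTTP to HTTPS and terminate TLS with the
# Let's Encrypt certificate.
#
# The heredoc delimiter is quoted ('EOF'). With an unquoted delimiter the
# shell expands $host and $request_uri (normally unset) to empty strings and
# the file ends up with `return 301 https://;`, which breaks the redirect.
#
# tee overwrites the file, so any edits `certbot --nginx` made to it are
# replaced by the explicit certificate directives below.
# options-ssl-nginx.conf and ssl-dhparams.pem are expected to have been
# created by certbot's nginx plugin; `nginx -t` fails if they are missing.
sudo tee /etc/nginx/conf.d/docker-registry.conf <<'EOF'
server {
    listen 80;
    server_name docker-registry.icu;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name docker-registry.icu;

    ssl_certificate /etc/letsencrypt/live/docker-registry.icu/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/docker-registry.icu/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
EOF

# Validate the rewritten file and apply it only if the check passes.
sudo nginx -t && sudo systemctl reload nginx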