HTTPS is deployed using the Lets Encrypt free certificate

The installation

1. Install the acme. Sh

curl  https://get.acme.sh | shCopy the code

2. Install acme. Sh to your home directory:

~/.acme.sh/Copy the code

3. Create a bash alias for your convenience:

acme.sh=~/.acme.sh/acme.sh

4. Upgrade acme.sh to the latest version:

manual

acme.sh --upgradeCopy the code

automatic

acme.sh  --upgrade  --auto-upgradeCopy the code

Stop updating

acme.sh --upgrade  --auto-upgrade  0Copy the code

Specific can refer to: https://github.com/Neilpang/acme.sh/wiki/%E8%AF%B4%E6%98%8E

                         https://github.com/Neilpang/acme.sh/wiki/How-to-install

Generate a certificate

I use DNS. My DNS service is Aliyun, which is as follows:

1. Import the configuration

export Ali_Key="youkey"export Ali_Secret="yousecret"Copy the code

2. Generate a certificate

acme.sh --issue --dns dns_ali -d example.com -d www.example.comCopy the code

The configuration given here is automatically recorded and you do not need to specify it again in the future. Direct generation is fine:

Rebuild using:

  --renew --force -d example.comCopy the code

Install the certificate

acme.sh  --installcert  -d  a.sjfx.com.cn   \   
     --key-file   /youpath.key \  
     --fullchain-file /youpath.cer Copy the code

Update your Nginx configuration

server {    
listen 80;    
server_name  youdomain;   
     
# Add HTTPS configuration
listen       443 ssl http2 default_server;    
listen       [::]:443 ssl http2 default_server;    
ssl_certificate "youcer";    
ssl_certificate_key "youkey"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers HIGH:! aNULL:! MD5; ssl_prefer_server_ciphers on; location / {#... }
}Copy the code

Restart the nginx service and ok your site is now accessible using HTTPS.