# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Codename: focal
apt-get update
apt-get install -y gcc libpcre3 libpcre3-dev zlib1g-dev openssl libssl-dev
wget https://nginx.org/download/nginx-1.20.2.tar.gz
cd nginx-1.20.2/
./configure --prefix=/etc/nginx --with-http_ssl_module
make
make install
/root/nginx-1.20.2/objs
# ./nginx -V
nginx version: nginx/1.20.2
built by gcc 9.4.0 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
built with OpenSSL 1.1.1f 31 Mar 2020
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --with-http_ssl_module
域名HTTP可以访问
curl https://get.acme.sh | sh -s email=<邮箱>
vim .bashrc
alias acme.sh='~/.acme.sh/acme.sh'
# source .bashrc
# acme.sh -v
https://github.com/acmesh-official/acme.sh
v3.0.5
acme.sh --issue -d <域名> --nginx /etc/nginx/conf/nginx.conf
acme.sh --install-cert -d <域名> --key-file /etc/nginx/ssl/<域名>/<域名>.key --fullchain-file /etc/nginx/ssl/<域名>/<域名>.crt --reloadcmd "service nginx force-reload"
acme.sh --info -d <域名>
server {
listen 443 ssl;
server_name <域名>;
ssl_certificate /etc/nginx/ssl/<域名>/<域名>.crt;
ssl_certificate_key /etc/nginx/ssl/<域名>/<域名>.key;
}
acme.sh --issue -w /root/www/moban4083 -d <域名> --keylength ec-256
acme.sh --renew -d <域名> --force --ecc
acme.sh --upgrade --auto-upgrade
# crontab -l
13 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null