{"id":308,"date":"2021-05-18T22:11:46","date_gmt":"2021-05-18T14:11:46","guid":{"rendered":"https:\/\/blog.zhouhonghe.com\/?p=308"},"modified":"2022-11-15T13:05:21","modified_gmt":"2022-11-15T05:05:21","slug":"centos7%e4%b8%8b%e4%bd%bf%e7%94%a8letsencrypt%e8%87%aa%e5%8a%a8%e6%9b%b4%e6%96%b0ssl%e8%af%81%e4%b9%a6","status":"publish","type":"post","link":"https:\/\/blog.zhouhonghe.com\/?p=308","title":{"rendered":"CentOS7\u4e0b\u81ea\u52a8\u66f4\u65b0DNSPOD\u57df\u540d\u7684Let'sEncrypt\u6cdb\u57df\u540d\u8bc1\u4e66"},"content":{"rendered":"<p>\u6309\u7167<a href=\"https:\/\/certbot.eff.org\/instructions?ws=nginx&amp;os=centosrhel7\" target=\"_blank\" rel=\"noopener\">https:\/\/certbot.eff.org\/instructions?ws=nginx&amp;os=centosrhel7<\/a>\u7684\u6307\u5f15\u64cd\u4f5c\uff1a<\/p>\n<p>1\u3001<strong>\u5b89\u88c5snapd<\/strong><br \/>\n<code>yum install epel-release<\/code><br \/>\n<code>yum install snapd<\/code><br \/>\n<code>systemctl enable --now snapd.socket<\/code><br \/>\n<code>ln -s \/var\/lib\/snapd\/snap \/snap<\/code><br \/>\n<code>snap install core; snap refresh core<\/code><\/p>\n<p>2\u3001<strong>\u5b89\u88c5CertBot<\/strong><br \/>\n<code>snap install --classic certbot<\/code><br \/>\n<code>ln -s \/snap\/bin\/certbot \/usr\/bin\/certbot<\/code><\/p>\n<p>3\u3001<strong>\u83b7\u53d6\u8bc1\u4e66\uff0c\u914d\u7f6e\u7ad9\u70b9\uff0c\u542f\u7528SSL<\/strong><br \/>\n<code>certbot --nginx<\/code><\/p>\n<p>4\u3001<strong>\u67e5\u770b\u81ea\u52a8\u66f4\u65b0\u5b9a\u65f6\u5668<\/strong><br \/>\n<code>systemctl list-timers<\/code><\/p>\n<p>5\u3001<strong>\u5220\u9664\u8bc1\u4e66<\/strong><br \/>\n<code>certbot delete<\/code><\/p>\n<p>6\u3001<strong>\u6cdb\u57df\u540d\u652f\u6301<\/strong><br \/>\n6.1 \u4e0b\u8f7d <a href=\"https:\/\/github.com\/al-one\/certbot-auth-dnspod\" target=\"_blank\" rel=\"noopener\">certbot-auth-dnspod<\/a><\/p>\n<p>6.2 \u4fee\u6539certbot-auth-dnspod<br \/>\n6.2.1 \u4fee\u6539<br \/>\n<code>DOMAIN=$(expr match \"$CERTBOT_DOMAIN\" '.*\\.\\(.*\\..*\\)')<br \/>\nTXHOST=$(expr match \"$CERTBOT_DOMAIN\" '\\(.*\\)\\..*\\..*')<\/code><br \/>\n\u4e3a<br \/>\n<code>CERTBOT_DOMAIN=${CERTBOT_DOMAIN\/\\*\\.\/}<br \/>\nDOMAIN=$(echo $CERTBOT_DOMAIN | rev | cut -d'.' -f -2 | rev)<br \/>\nTXHOST=$(echo $CERTBOT_DOMAIN | rev | cut -d'.' -f 3- | rev)<br \/>\nSUFFIX=$(echo $CERTBOT_DOMAIN | rev | cut -d'.' -f 2 | rev)<br \/>\nif [[ \"$SUFFIX\" = \"com\" || \"$SUFFIX\" = \"net\" || \"$SUFFIX\" = \"org\" || \"$SUFFIX\" = \"gov\" || \"$SUFFIX\" = \"edu\" ]]; then<br \/>\nDOMAIN=$(echo $CERTBOT_DOMAIN | rev | cut -d'.' -f -3 | rev)<br \/>\nTXHOST=$(echo $CERTBOT_DOMAIN | rev | cut -d'.' -f 4- | rev)<br \/>\nfi<\/code><br \/>\n\u5426\u5219\u7c7b\u4f3cdomain.com.cn\u8fd9\u6837\u7684\u57df\u540d\u4e0d\u80fd\u6b63\u786e\u8bc6\u522b<\/p>\n<p>6.2.2 \u4fee\u6539<br \/>\n<code>-d \"$PARAMS&amp;domain=$DOMAIN&amp;record_id=$RECORD_ID\" \\<\/code><br \/>\n\u6539\u4e3a<br \/>\n<code>-d \"$PARAMS&amp;domain=$DOMAIN&amp;record_id=$RECORD_ID&amp;lang=en\" \\<\/code><br \/>\n\u5426\u5219\u6267\u884c\u65f6\u4f1a\u63d0\u793a\u9519\u8bef<\/p>\n<p>6.3 \u914d\u7f6eDNSPOD API<br \/>\n\u5c06<a href=\"https:\/\/console.dnspod.cn\/account\/token\/token\" target=\"_blank\" rel=\"noopener\">DNSPOD<\/a>\u4e0a\u5f97\u5230\u7684ID\u548cToken\u4fdd\u5b58\u5165\u914d\u7f6e\u6587\u4ef6<br \/>\n<code>echo \"<em><strong>ID<\/strong><\/em>,<strong><em>Token<\/em><\/strong>\" &gt; \/etc\/dnspod_token<\/code><\/p>\n<p>6.4 \u83b7\u53d6\u8bc1\u4e66<br \/>\n<code>certbot certonly --manual --preferred-challenges dns-01 --email <strong><em>yourname@domain.com<\/em><\/strong> --server https:\/\/acme-v02.api.letsencrypt.org\/directory --manual-auth-hook \/path\/to\/certbot-auth-dnspod.sh --manual-cleanup-hook \"\/path\/to\/certbot-auth-dnspod.sh clean\" -d <strong><em>domain.com<\/em><\/strong> -d <strong><em>*.domain.com<\/em><\/strong><\/code><\/p>\n<p>\u53ef\u4ee5\u8bbe\u7f6e\u547d\u4ee4\u522b\u540d<\/p>\n<p>vi ~\/.bashrc<\/p>\n<p>\u6dfb\u52a0<\/p>\n<p><code>alias getcert='certbot certonly --manual --preferred-challenges dns-01 --email <strong><em>yourname@domain.com<\/em><\/strong> --server https:\/\/acme-v02.api.letsencrypt.org\/directory --manual-auth-hook \/path\/to\/certbot-auth-dnspod.sh --manual-cleanup-hook \"\/path\/to\/certbot-auth-dnspod.sh clean\"\u2018<\/code><\/p>\n<p>\u4ee5\u540e\u5c31\u53ef\u4ee5\u7528\u7b80\u5316\u7684\u547d\u4ee4\u6765\u66f4\u65b0\u8bc1\u4e66\u4e86<\/p>\n<p><code>getcert -d <strong><em>domain.com<\/em><\/strong> -d <strong><em>*.domain.com<\/em><\/strong><\/code><\/p>\n<p>6.5 \u4fee\u6539nginx\u7684\u7ad9\u70b9\u914d\u7f6e\u6587\u4ef6\uff0c\u6307\u5411\u65b0\u8bc1\u4e66<\/p>\n<p>&nbsp;<\/p>\n<p>\u53c2\u8003\uff1a<a href=\"https:\/\/www.xiaocaicai.com\/2021\/04\/%E4%BD%BF%E7%94%A8lets-encrypt%E5%92%8Cdnspod%E6%9D%A5%E8%87%AA%E5%8A%A8%E8%8E%B7%E5%8F%96ssl%E8%AF%81%E4%B9%A6\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.xiaocaicai.com\/2021\/04\/\u4f7f\u7528lets-encrypt\u548cdnspod\u6765\u81ea\u52a8\u83b7\u53d6ssl\u8bc1\u4e66\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6309\u7167https:\/\/certbot.eff.org\/instructions?ws=nginx&amp;os= [&hellip;]<\/p>... ","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-308","post","type-post","status-publish","format-standard","hentry","category-4"],"_links":{"self":[{"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=\/wp\/v2\/posts\/308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=308"}],"version-history":[{"count":28,"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=\/wp\/v2\/posts\/308\/revisions"}],"predecessor-version":[{"id":314,"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=\/wp\/v2\/posts\/308\/revisions\/314"}],"wp:attachment":[{"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.zhouhonghe.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}