foo

foo

follow

Lego申請泛域名證書

安裝 lego#

curl -fsSLO https://github.com/go-acme/lego/releases/download/v4.14.0/lego_v4.14.0_linux_amd64.tar.gz
tar xvf lego_*.tar.gz
rm -f CHANGELOG.md LICENSE

簽發#

export CLOUDFLARE_EMAIL="root@gmail.com"
export CLOUDFLARE_API_KEY="CLOUDFLARE_API_KEY"
export SERVER=${SERVER:-https://acme-v02.api.letsencrypt.org/directory}
export DOMAIN=${DOMAIN:-example.com}
export LEGO_PATH="/root/cert/"
./lego --server="${SERVER}" \
    --dns.resolvers="1.1.1.1:53" \
    --email="${EMAIL}" \
    --accept-tos \
    --dns="cloudflare" \
    --domains="${DOMAIN}" \
    --domains="*.${DOMAIN}" \
    --pem \
    run

續簽#

 "run" 替換為 "renew"

驗證證書是否可信任 (debian12)#

openssl verify -CAfile /etc/ssl/certs/ca-certificates.crt -untrusted /root/txtk/certificates/example.com.issuer.crt /root/txtk/certificates/example.com.crt

lego 的 server 參考下面#

acme_server api

載入中......
此文章數據所有權由區塊鏈加密技術和智能合約保障僅歸創作者所有。