acme 泛域名https证书续期笔记
acme 泛域名https证书续期笔记
发表于2020-09-01
[root@LanhuServer1 ~]# cd .acme.sh
[root@LanhuServer1 .acme.sh]#
[root@LanhuServer1 .acme.sh]# sh acme.sh --renew -d *.235kk.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
[root@LanhuServer1 .acme.sh]# sh acme.sh --renew -d *.lanhusoft.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
[root@LanhuServer1 .acme.sh]# sh acme.sh --renew -d *.lanhucms.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
第一次生成:
[root@LanhuServer1 .acme.sh]# sh acme.sh --issue --dns -d *.lanhusoft.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
[root@LanhuServer1 .acme.sh]# sh acme.sh --renew -d *.lanhusoft.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
续期证书:
[root@LanhuServer1 .acme.sh]# sh acme.sh --renew -d *.lanhucms.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
提示txt记录值不对!
添加域名txt记录
再执行续期命令:
[root@LanhuServer1 .acme.sh]# sh acme.sh --renew -d *.lanhucms.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
导出成pfx
[root@LanhuServer1 .acme.sh]# cd *.lanhucms.com
[root@LanhuServer1 *.lanhucms.com]# openssl pkcs12 -export -out *.lanhucms.com.pfx -inkey *.lanhucms.com.key -in *.lanhucms.com.cer -certfile fullchain.cer
提示输入证书密码:
[root@LanhuServer1 *.lanhucms.com]# cp \*.lanhucms.com.pfx /root/
cp: overwrite ‘/root/*.lanhucms.com.pfx’? yes
导入证书
开始,运行,mmc
右键,所有任务导入证书,选择证书,输入密码
绑定网站
