[Amazon Linux2]NginxによるLet’s Encrypt

LINEで送る
Pocket

  • EPEL7の有効化
$ sudo wget -r --no-parent -A 'epel-release-*.rpm' http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/

$ sudo rpm -Uvh dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-*.rpm

$ sudo yum-config-manager --enable epel*
  • certbotのインストール
$ sudo yum install certbot python2-certbot-nginx
  • 証明書を取得と設定
$ sudo certbot --nginx
  • nginx virtual
server {
    server_name  adachin.com;
    rewrite index.html https://adachin.com permanent;
}

server {
    listen       443 ssl;
    server_name  adachin.com;
    root /var/www/adachin.com/public;
    index index.html index.php;
    access_log      /var/log/nginx/adachin.comssl.access.log;
    error_log       /var/log/nginx/adachin.comssl.error.log;
    ssl_certificate /etc/letsencrypt/live/adachin.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/adachin.com/privkey.pem; # managed by Certbot
    try_files $uri $uri/ /index.php?q=$uri&$args;
    location ~ \.php$ {
            fastcgi_pass  unix:/var/run/php-fpm/php-fpm.sock;
            fastcgi_index   index.php;
            fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
            include        fastcgi_params;
    }
}
  • cron
0 4 * * * root certbot renew --no-self-upgrade

Was this helpful?

0 / 0

コメントを残す 0

Your email address will not be published. Required fields are marked *