ubuntu自签https证书

环境

ubuntu 20.04

安装包

apt install certbot python3-certbot-nginx

配置

certbot --nginx

1,配置邮箱
2，配置A
3，选Y
4，选择域名。多个域名用,隔开
5，2强制https跳转

证书具体位置

root@VM-16-17-ubuntu:/etc/nginx/conf.d# ls -lt /etc/letsencrypt/live/srerun.com/
total 4
lrwxrwxrwx 1 root root  34 Apr 26 12:04 cert.pem -> ../../archive/srerun.com/cert1.pem
lrwxrwxrwx 1 root root  35 Apr 26 12:04 chain.pem -> ../../archive/srerun.com/chain1.pem
lrwxrwxrwx 1 root root  39 Apr 26 12:04 fullchain.pem -> ../../archive/srerun.com/fullchain1.pem
lrwxrwxrwx 1 root root  37 Apr 26 12:04 privkey.pem -> ../../archive/srerun.com/privkey1.pem

查看nginx配置

...
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/srerun.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/srerun.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
...

计划任务

0 3 1 * * certbot renew --force-renew