mirror of
https://gitee.com/270580156/weiyu.git
synced 2026-05-20 06:07:53 +00:00
1 line
14 KiB
JavaScript
1 line
14 KiB
JavaScript
"use strict";(self.webpackChunkdocs=self.webpackChunkdocs||[]).push([[564],{6246:(e,n,s)=>{s.d(n,{R:()=>i,x:()=>d});var l=s(2155);const r={},c=l.createContext(r);function i(e){const n=l.useContext(c);return l.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function d(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(r):e.components||r:i(e.components),l.createElement(c.Provider,{value:n},e.children)}},9186:(e,n,s)=>{s.r(n),s.d(n,{assets:()=>t,contentTitle:()=>d,default:()=>o,frontMatter:()=>i,metadata:()=>l,toc:()=>a});const l=JSON.parse('{"id":"deploy/depend/letsencrypt","title":"Let\'s Encrypt SSL\u8bc1\u4e66\u7533\u8bf7\u6307\u5357","description":"Let\'s Encrypt \u662f\u4e00\u4e2a\u514d\u8d39\u3001\u5f00\u6e90\u7684\u8bc1\u4e66\u9881\u53d1\u673a\u6784\uff0c\u53ef\u4ee5\u5e2e\u52a9\u60a8\u4e3a\u7f51\u7ad9\u83b7\u53d6SSL/TLS\u8bc1\u4e66\uff0c\u542f\u7528HTTPS\u52a0\u5bc6\u8fde\u63a5\u3002\u672c\u6307\u5357\u5c06\u5f15\u5bfc\u60a8\u5b8c\u6210\u7533\u8bf7\u548c\u5b89\u88c5\u8fc7\u7a0b\u3002","source":"@site/i18n/zh-CN/docusaurus-plugin-content-docs/current/deploy/depend/letsencrypt.md","sourceDirName":"deploy/depend","slug":"/deploy/depend/letsencrypt","permalink":"/docs/zh-CN/docs/deploy/depend/letsencrypt","draft":false,"unlisted":false,"editUrl":"https://github.com/bytedesk/bytedesk/docs/deploy/depend/letsencrypt.md","tags":[],"version":"current","sidebarPosition":10,"frontMatter":{"sidebar_label":"Letsencrypt","sidebar_position":10},"sidebar":"tutorialSidebar","previous":{"title":"JDK17","permalink":"/docs/zh-CN/docs/deploy/depend/jdk"},"next":{"title":"Llm Provider","permalink":"/docs/zh-CN/docs/category/llm-provider"}}');var r=s(5723),c=s(6246);const i={sidebar_label:"Letsencrypt",sidebar_position:10},d="Let's Encrypt SSL\u8bc1\u4e66\u7533\u8bf7\u6307\u5357",t={},a=[{value:"\u4ec0\u4e48\u662fSSL\u8bc1\u4e66\uff1f",id:"\u4ec0\u4e48\u662fssl\u8bc1\u4e66",level:2},{value:"\u5b89\u88c5Certbot\u5de5\u5177",id:"\u5b89\u88c5certbot\u5de5\u5177",level:2},{value:"\u7533\u8bf7\u8bc1\u4e66\u7684\u65b9\u6cd5",id:"\u7533\u8bf7\u8bc1\u4e66\u7684\u65b9\u6cd5",level:2},{value:"\u65b9\u6cd51: \u81ea\u52a8\u7533\u8bf7\u548c\u914d\u7f6e\uff08\u9002\u5408\u5927\u591a\u6570\u60c5\u51b5\uff09",id:"\u65b9\u6cd51-\u81ea\u52a8\u7533\u8bf7\u548c\u914d\u7f6e\u9002\u5408\u5927\u591a\u6570\u60c5\u51b5",level:3},{value:"\u65b9\u6cd52: \u4ec5\u7533\u8bf7\u8bc1\u4e66\uff08\u4e0d\u4fee\u6539\u914d\u7f6e\uff09",id:"\u65b9\u6cd52-\u4ec5\u7533\u8bf7\u8bc1\u4e66\u4e0d\u4fee\u6539\u914d\u7f6e",level:3},{value:"\u65b9\u6cd53: \u7533\u8bf7\u901a\u914d\u7b26\u8bc1\u4e66\uff08\u9002\u7528\u4e8e\u591a\u4e2a\u5b50\u57df\u540d\uff09",id:"\u65b9\u6cd53-\u7533\u8bf7\u901a\u914d\u7b26\u8bc1\u4e66\u9002\u7528\u4e8e\u591a\u4e2a\u5b50\u57df\u540d",level:3},{value:"\u901a\u914d\u7b26\u8bc1\u4e66\u7533\u8bf7\u6b65\u9aa4\u6f14\u793a",id:"\u901a\u914d\u7b26\u8bc1\u4e66\u7533\u8bf7\u6b65\u9aa4\u6f14\u793a",level:4},{value:"\u8bc1\u4e66\u66f4\u65b0",id:"\u8bc1\u4e66\u66f4\u65b0",level:2},{value:"\u81ea\u52a8\u66f4\u65b0",id:"\u81ea\u52a8\u66f4\u65b0",level:3},{value:"\u624b\u52a8\u66f4\u65b0",id:"\u624b\u52a8\u66f4\u65b0",level:3},{value:"\u914d\u7f6eWeb\u670d\u52a1\u5668\u4f7f\u7528\u8bc1\u4e66",id:"\u914d\u7f6eweb\u670d\u52a1\u5668\u4f7f\u7528\u8bc1\u4e66",level:2},{value:"Nginx\u914d\u7f6e\u793a\u4f8b",id:"nginx\u914d\u7f6e\u793a\u4f8b",level:3},{value:"\u6ce8\u610f\u4e8b\u9879",id:"\u6ce8\u610f\u4e8b\u9879",level:2},{value:"\u53c2\u8003\u8d44\u6599",id:"\u53c2\u8003\u8d44\u6599",level:2}];function h(e){const n={a:"a",code:"code",em:"em",h1:"h1",h2:"h2",h3:"h3",h4:"h4",header:"header",li:"li",ol:"ol",p:"p",pre:"pre",ul:"ul",...(0,c.R)(),...e.components};return(0,r.jsxs)(r.Fragment,{children:[(0,r.jsx)(n.header,{children:(0,r.jsx)(n.h1,{id:"lets-encrypt-ssl\u8bc1\u4e66\u7533\u8bf7\u6307\u5357",children:"Let's Encrypt SSL\u8bc1\u4e66\u7533\u8bf7\u6307\u5357"})}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.a,{href:"https://letsencrypt.org",children:"Let's Encrypt"})," \u662f\u4e00\u4e2a\u514d\u8d39\u3001\u5f00\u6e90\u7684\u8bc1\u4e66\u9881\u53d1\u673a\u6784\uff0c\u53ef\u4ee5\u5e2e\u52a9\u60a8\u4e3a\u7f51\u7ad9\u83b7\u53d6SSL/TLS\u8bc1\u4e66\uff0c\u542f\u7528HTTPS\u52a0\u5bc6\u8fde\u63a5\u3002\u672c\u6307\u5357\u5c06\u5f15\u5bfc\u60a8\u5b8c\u6210\u7533\u8bf7\u548c\u5b89\u88c5\u8fc7\u7a0b\u3002"]}),"\n",(0,r.jsx)(n.h2,{id:"\u4ec0\u4e48\u662fssl\u8bc1\u4e66",children:"\u4ec0\u4e48\u662fSSL\u8bc1\u4e66\uff1f"}),"\n",(0,r.jsx)(n.p,{children:"SSL\u8bc1\u4e66\u5141\u8bb8\u7f51\u7ad9\u4f7f\u7528HTTPS\u534f\u8bae\uff08\u5373\u5b89\u5168\u7684HTTP\uff09\uff0c\u4fdd\u62a4\u7528\u6237\u4e0e\u7f51\u7ad9\u4e4b\u95f4\u4f20\u8f93\u7684\u6570\u636e\u5b89\u5168\u3002\u5f53\u60a8\u7684\u7f51\u7ad9\u542f\u7528HTTPS\u540e\uff1a"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"\u6570\u636e\u5728\u4f20\u8f93\u8fc7\u7a0b\u4e2d\u88ab\u52a0\u5bc6\uff0c\u9632\u6b62\u88ab\u7a83\u53d6"}),"\n",(0,r.jsx)(n.li,{children:"\u4e3a\u7528\u6237\u63d0\u4f9b\u66f4\u5b89\u5168\u7684\u6d4f\u89c8\u4f53\u9a8c"}),"\n",(0,r.jsx)(n.li,{children:"\u63d0\u5347\u7f51\u7ad9\u5728\u641c\u7d22\u5f15\u64ce\u4e2d\u7684\u6392\u540d"}),"\n",(0,r.jsx)(n.li,{children:"\u663e\u793a\u5b89\u5168\u9501\u56fe\u6807\uff0c\u589e\u52a0\u7528\u6237\u4fe1\u4efb"}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"\u5b89\u88c5certbot\u5de5\u5177",children:"\u5b89\u88c5Certbot\u5de5\u5177"}),"\n",(0,r.jsx)(n.p,{children:"Certbot\u662f\u7533\u8bf7Let's Encrypt\u8bc1\u4e66\u7684\u5b98\u65b9\u5de5\u5177\u3002\u4ee5\u4e0b\u662f\u5728Ubuntu\u7cfb\u7edf\u4e0a\u5b89\u88c5Certbot\u7684\u6b65\u9aa4\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"# 1. \u66f4\u65b0\u7cfb\u7edf\u8f6f\u4ef6\u5305\nsudo apt update\n\n# 2. \u5b89\u88c5snapd\u5de5\u5177\nsudo apt install snapd\n\n# 3. \u786e\u4fddsnapd\u662f\u6700\u65b0\u7248\u672c\nsudo snap install core\nsudo snap refresh core\n\n# 4. \u5b89\u88c5certbot\nsudo snap install --classic certbot\n\n# 5. \u521b\u5efa\u7b26\u53f7\u94fe\u63a5\uff0c\u786e\u4fddcertbot\u53ef\u6267\u884c\nsudo ln -s /snap/bin/certbot /usr/bin/certbot\n"})}),"\n",(0,r.jsx)(n.h2,{id:"\u7533\u8bf7\u8bc1\u4e66\u7684\u65b9\u6cd5",children:"\u7533\u8bf7\u8bc1\u4e66\u7684\u65b9\u6cd5"}),"\n",(0,r.jsx)(n.h3,{id:"\u65b9\u6cd51-\u81ea\u52a8\u7533\u8bf7\u548c\u914d\u7f6e\u9002\u5408\u5927\u591a\u6570\u60c5\u51b5",children:"\u65b9\u6cd51: \u81ea\u52a8\u7533\u8bf7\u548c\u914d\u7f6e\uff08\u9002\u5408\u5927\u591a\u6570\u60c5\u51b5\uff09"}),"\n",(0,r.jsx)(n.p,{children:"\u5982\u679c\u60a8\u7684\u670d\u52a1\u5668\u4e0a\u8fd0\u884c\u7740Nginx\u6216Apache\uff0c\u53ef\u4ee5\u4f7f\u7528\u81ea\u52a8\u914d\u7f6e\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"# \u81ea\u52a8\u7533\u8bf7\u8bc1\u4e66\u5e76\u914d\u7f6eNginx\nsudo certbot --nginx\n\n# \u6216\u8005\u81ea\u52a8\u7533\u8bf7\u8bc1\u4e66\u5e76\u914d\u7f6eApache\nsudo certbot --apache\n"})}),"\n",(0,r.jsx)(n.p,{children:"\u6b64\u547d\u4ee4\u4f1a:"}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsx)(n.li,{children:"\u7533\u8bf7\u8bc1\u4e66"}),"\n",(0,r.jsx)(n.li,{children:"\u81ea\u52a8\u4fee\u6539\u60a8\u7684\u7f51\u7ad9\u914d\u7f6e\u6587\u4ef6"}),"\n",(0,r.jsx)(n.li,{children:"\u8bbe\u7f6e\u81ea\u52a8\u66f4\u65b0"}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"\u65b9\u6cd52-\u4ec5\u7533\u8bf7\u8bc1\u4e66\u4e0d\u4fee\u6539\u914d\u7f6e",children:"\u65b9\u6cd52: \u4ec5\u7533\u8bf7\u8bc1\u4e66\uff08\u4e0d\u4fee\u6539\u914d\u7f6e\uff09"}),"\n",(0,r.jsx)(n.p,{children:"\u5982\u679c\u60a8\u5e0c\u671b\u624b\u52a8\u914d\u7f6e\u670d\u52a1\u5668\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"# \u4ec5\u7533\u8bf7\u8bc1\u4e66\uff0c\u4e0d\u4fee\u6539\u914d\u7f6e\nsudo certbot certonly --nginx # \u9488\u5bf9Nginx\n# \u6216\nsudo certbot certonly --apache # \u9488\u5bf9Apache\n"})}),"\n",(0,r.jsx)(n.h3,{id:"\u65b9\u6cd53-\u7533\u8bf7\u901a\u914d\u7b26\u8bc1\u4e66\u9002\u7528\u4e8e\u591a\u4e2a\u5b50\u57df\u540d",children:"\u65b9\u6cd53: \u7533\u8bf7\u901a\u914d\u7b26\u8bc1\u4e66\uff08\u9002\u7528\u4e8e\u591a\u4e2a\u5b50\u57df\u540d\uff09"}),"\n",(0,r.jsx)(n.p,{children:"\u901a\u914d\u7b26\u8bc1\u4e66\u53ef\u8ba9\u60a8\u7528\u4e00\u4e2a\u8bc1\u4e66\u4fdd\u62a4\u591a\u4e2a\u5b50\u57df\u540d\uff08\u5982\uff1a*.example.com\uff09\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"# \u7533\u8bf7\u901a\u914d\u7b26\u8bc1\u4e66\nsudo certbot certonly --manual --preferred-challenges=dns-01\n"})}),"\n",(0,r.jsx)(n.h4,{id:"\u901a\u914d\u7b26\u8bc1\u4e66\u7533\u8bf7\u6b65\u9aa4\u6f14\u793a",children:"\u901a\u914d\u7b26\u8bc1\u4e66\u7533\u8bf7\u6b65\u9aa4\u6f14\u793a"}),"\n",(0,r.jsx)(n.p,{children:"\u4e0b\u9762\u662f\u7533\u8bf7\u901a\u914d\u7b26\u8bc1\u4e66\u7684\u4ea4\u4e92\u8fc7\u7a0b\uff1a"}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsx)(n.p,{children:"\u8fd0\u884c\u547d\u4ee4\u540e\uff0c\u8f93\u5165\u60a8\u7684\u57df\u540d\uff08\u793a\u4f8b\uff09\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"\u8bf7\u8f93\u5165\u60a8\u60f3\u8981\u4e3a\u8bc1\u4e66\u6dfb\u52a0\u7684\u57df\u540d(\u7528\u9017\u53f7\u6216\u7a7a\u683c\u5206\u9694):\nexample.com,*.example.com\n"})}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsx)(n.p,{children:"\u7cfb\u7edf\u4f1a\u8981\u6c42\u60a8\u6dfb\u52a0DNS TXT\u8bb0\u5f55\u6765\u9a8c\u8bc1\u57df\u540d\u6240\u6709\u6743\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"\u8bf7\u5728\u4ee5\u4e0b\u57df\u540d\u4e0b\u6dfb\u52a0DNS TXT\u8bb0\u5f55:\n_acme-challenge.example.com\n\nTXT\u8bb0\u5f55\u503c:\nAb5x7HcJK2LoQn... (\u8fd9\u662f\u4e00\u4e2a\u968f\u673a\u751f\u6210\u7684\u957f\u5b57\u7b26\u4e32)\n"})}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsx)(n.p,{children:"\u767b\u5f55\u60a8\u7684DNS\u7ba1\u7406\u63a7\u5236\u53f0\uff08\u5982\u963f\u91cc\u4e91\u3001\u817e\u8baf\u4e91\u7b49\uff09\uff0c\u6dfb\u52a0\u8be5TXT\u8bb0\u5f55"}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsx)(n.p,{children:"\u6dfb\u52a0\u5b8c\u6210\u5e76\u7b49\u5f85DNS\u8bb0\u5f55\u751f\u6548\u540e\uff08\u901a\u5e38\u9700\u8981\u51e0\u5206\u949f\uff09\uff0c\u6309\u56de\u8f66\u7ee7\u7eed"}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsx)(n.p,{children:"\u9a8c\u8bc1\u6210\u529f\u540e\uff0c\u8bc1\u4e66\u4f1a\u4fdd\u5b58\u5230\u670d\u52a1\u5668\u4e0a\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"\u8bc1\u4e66\u4f4d\u7f6e: /etc/letsencrypt/live/example.com/fullchain.pem\n\u79c1\u94a5\u4f4d\u7f6e: /etc/letsencrypt/live/example.com/privkey.pem\n"})}),"\n"]}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"\u8bc1\u4e66\u66f4\u65b0",children:"\u8bc1\u4e66\u66f4\u65b0"}),"\n",(0,r.jsx)(n.p,{children:"Let's Encrypt\u8bc1\u4e66\u6709\u6548\u671f\u4e3a90\u5929\uff0c\u9700\u8981\u5b9a\u671f\u66f4\u65b0\u3002\u6709\u4e24\u79cd\u65b9\u5f0f\uff1a"}),"\n",(0,r.jsx)(n.h3,{id:"\u81ea\u52a8\u66f4\u65b0",children:"\u81ea\u52a8\u66f4\u65b0"}),"\n",(0,r.jsx)(n.p,{children:"\u5b89\u88c5Certbot\u540e\uff0c\u7cfb\u7edf\u4f1a\u81ea\u52a8\u6dfb\u52a0\u5b9a\u65f6\u4efb\u52a1\uff0c\u4e00\u822c\u65e0\u9700\u624b\u52a8\u5e72\u9884\u3002\u53ef\u4ee5\u6d4b\u8bd5\u66f4\u65b0\u8fc7\u7a0b\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"sudo certbot renew --dry-run\n"})}),"\n",(0,r.jsx)(n.h3,{id:"\u624b\u52a8\u66f4\u65b0",children:"\u624b\u52a8\u66f4\u65b0"}),"\n",(0,r.jsx)(n.p,{children:"\u5982\u679c\u9700\u8981\u624b\u52a8\u66f4\u65b0\u8bc1\u4e66\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"sudo certbot renew\n"})}),"\n",(0,r.jsx)(n.h2,{id:"\u914d\u7f6eweb\u670d\u52a1\u5668\u4f7f\u7528\u8bc1\u4e66",children:"\u914d\u7f6eWeb\u670d\u52a1\u5668\u4f7f\u7528\u8bc1\u4e66"}),"\n",(0,r.jsx)(n.h3,{id:"nginx\u914d\u7f6e\u793a\u4f8b",children:"Nginx\u914d\u7f6e\u793a\u4f8b"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"server {\n listen 443 ssl;\n server_name example.com;\n \n ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;\n ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;\n \n # \u5176\u4ed6SSL\u914d\u7f6e...\n \n # \u60a8\u7684\u7f51\u7ad9\u914d\u7f6e...\n}\n\n# \u5c06HTTP\u91cd\u5b9a\u5411\u5230HTTPS\nserver {\n listen 80;\n server_name example.com;\n return 301 https://$host$request_uri;\n}\n"})}),"\n",(0,r.jsx)(n.p,{children:"\u914d\u7f6e\u5b8c\u6210\u540e\u91cd\u542fNginx\uff1a"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-bash",children:"sudo service nginx restart\n"})}),"\n",(0,r.jsx)(n.h2,{id:"\u6ce8\u610f\u4e8b\u9879",children:"\u6ce8\u610f\u4e8b\u9879"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:["\u901a\u914d\u7b26\u8bc1\u4e66\u53ef\u4ee5\u4fdd\u62a4\u4e00\u4e2a\u57df\u540d\u7684\u6240\u6709\u4e00\u7ea7\u5b50\u57df\u540d\uff0c\u4f46\u4e0d\u652f\u6301\u591a\u7ea7\u901a\u914d\u7b26\uff08\u5982 ",(0,r.jsx)(n.em,{children:"."}),".example.com\uff09"]}),"\n",(0,r.jsx)(n.li,{children:"\u624b\u52a8\u7533\u8bf7\u7684\u8bc1\u4e66\u9700\u8981\u624b\u52a8\u7eed\u671f\uff0c\u8bf7\u8bb0\u5f97\u5728\u5230\u671f\u524d\u66f4\u65b0"}),"\n",(0,r.jsxs)(n.li,{children:["\u8bc1\u4e66\u6587\u4ef6\u4f4d\u7f6e\uff1a",(0,r.jsx)(n.code,{children:"/etc/letsencrypt/live/\u4f60\u7684\u57df\u540d/"})]}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"\u53c2\u8003\u8d44\u6599",children:"\u53c2\u8003\u8d44\u6599"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.a,{href:"https://letsencrypt.org",children:"Let's Encrypt \u5b98\u65b9\u7f51\u7ad9"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.a,{href:"https://certbot.eff.org/instructions",children:"Certbot \u4f7f\u7528\u6587\u6863"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.a,{href:"https://sspai.com/post/66008",children:"\u624b\u52a8\u7533\u8bf7 Let's Encrypt \u901a\u914d\u7b26\u8bc1\u4e66\u6559\u7a0b"})}),"\n"]})]})}function o(e={}){const{wrapper:n}={...(0,c.R)(),...e.components};return n?(0,r.jsx)(n,{...e,children:(0,r.jsx)(h,{...e})}):h(e)}}}]); |