sslforfree3个月的免费证书过期了,免费更换实操

/ 博客相关 / 0 条评论 / 1761浏览

什么时候要跟换SSL证书

如何更新SSL证书

下面以rayoy.com 实操告诉大家如何更换即将过期的SSL证书。

  1. 登录https://www.sslforfree.com/
  2. 找到你的域名列表点击:renew
  3. 上传(工具:Transmit)校验文件到:/usr/share/nginx/html/.well-known/acme-challenge/
  4. Verify successful upload by visiting the following links in your browser
  5. Click Download SSL Certificate below
  6. goto:/home/raywang/myblog/.certs/,打开服务器上面的旧的certificate.crt文件,将certificate.crt、ca_bundle.crt内容粘贴替换原来的内容即可。替换private.key的内容。
  7. nginx -s reload
  8. 注意:需要重新加载Nginx配置才能生效,所以step 7 非常重要。

备注:本人使用阿里云服务器 Nginx配置供你参考:

#
# The default server
#

server {
    listen       80;
    #listen       [::]:80 default_server;
    server_name  *.rayoy.com;
    root         /usr/share/nginx/html;
    rewrite ^(.*)$ https://$host$1 permanent;
    
    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
#	proxy_pass   http://127.0.0.1:8080;
    }

    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }

}
 server {
        listen       443 ssl;
        server_name  *.rayoy.com;

        ssl_certificate      /home/raywang/myblog/.certs/certificate.crt;
        ssl_certificate_key  /home/raywang/myblog/.certs/private.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
	    proxy_pass   http://127.0.0.1:8080;
            #root         /usr/share/nginx/html;
            #index  index.html index.htm;
        }
 	    location /.well-known/ {
            #proxy_pass   http://127.0.0.1:8080;
            root         /usr/share/nginx/html;
            #index  index.html index.htm;
        }

}