原文链接: http://PHPecshop.blog.51cto.com/6296699/1891737
最近在做微信小程序商城开发的时候,阅读官方api文档发现要求https,
@H_403_10@wx.request(OBJECT)wx.request
发起的是 HTTPS 请求。
于是开始了在Centos 6.8下利用letsencrypt.sh脚本为Nginx 配置免费https(Let's Encrypt SSL证书)的路程。
1、下载letsencrypt.sh
#wgethttps://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.conf #wgethttps://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
#vimletsencrypt.conf #onlymodifythevalues,keyfileswillbegeneratedautomaticly. ACCOUNT_KEY="letsencrypt-account.key" DOMAIN_KEY="mtian.net.key" DOMAIN_DIR="/usr/local/Nginx/html"#网站的根目录 DOMAINS="DNS:mtian.net,DNS:www.mtian.net"#你的网站域名,多个域名用,号分隔 #ECC=TRUE #LIGHTTPD=TRUE
添加执行权限并执行 #chmod+xletsencrypt.sh #./letsencrypt.shletsencrypt.conf 运行完成后会在当前目录生成如下文件 letsencrypt-account.keylets-encrypt-x3-cross-signed.pemmtian.csr letsencrypt.confmtian.chained.crtmtian.net.key letsencrypt.shmtian.crt
#vim/usr/local/Nginx/conf/Nginx.conf server{ listen443ssl; server_namewww.mtian.net; sslon; ssl_certificate/usr/local/Nginx/conf/mtian.chained.crt; ssl_certificate_key/usr/local/Nginx/conf/mtian.net.key; location/{ roothtml; indexindex.htmlindex.htm; } }
6、复制letsencrypt.sh生成的mtian.chained.crt和mtian.net.key 件到 Nginx.conf中指定的目录/usr/local/Nginx/conf/
#cpmtian.chained.crt/usr/local/Nginx/conf/ #cpmtian.net.key/usr/local/Nginx/conf/
7、重启Nginx
#serviceNginxrestart StoppingNginx:[OK] StartingNginx:[OK]
8、打开浏览器访问https://www.mtian.net/,火狐和谷歌都可以正常访问并且有绿色的锁,https配置完成。