Lighttpd是一个被遗忘的web服务器。本教程适用于ubuntu 16.04

安装Lighttpd

apt install lighttpd@H_403_7@ 
安装letsencrypt
 
apt-get install letsencrypt@H_403_7@ 
创建一个验证目录
 
mkdir -p /var/www/letsencrypt/.well-known/@H_403_7@ 
添加Lighttpd目录配置
 
alias.url += ( "/.well-known/" => "/var/www/letsencrypt/.well-known/" )@H_403_7@ 
创建配置文件
 
/opt/letsencrypt/letsencrypt-auto certonly --webroot --manual-public-ip-logging-ok -d example.com --agree-tos -m you@example.com --text  -w /var/www/letsencrypt/@H_403_7@ 
替换邮箱、域名，注意example.com无需加www
 
证书说明
 
@H_502_28@ 
 
privkey.pem: 私钥
 
 
cert.pem: 只有服务器证书
 
 
chain.pem: 根证书+中级证书
 
 
fullchain.pem: 根证书+中级证书+服务器证书
 
 
续期
 
/opt/letsencrypt/certbot-auto renew@H_403_7@ 
添加一个每周任务/etc/cron.weekly/letsencrypt输入以下代码
 
#!/bin/bash
/opt/letsencrypt/certbot-auto renew@H_403_7@ 
配置Lighttpd
 
Lighttpd需要合并privkey.pem cert.pem
 
cd /etc/letsencrypt/live/example.com/
cat privkey.pem cert.pem > ssl.pem@H_403_7@ 
在Lighttpd配置中添加
 
ssl.pemfile = /etc/letsencrypt/live/example.com/ssl.pem
ssl.ca-file = /etc/letsencrypt/live/example.com/chain.pem@H_403_7@ 
更多参考
 
技巧
 
测试语法是否正确
 
lighttpd -t -f /etc/lighttpd/lighttpd.conf@H_403_7@ 
后记
 
Nginx中只需添加
 
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;@H_403_7@