PHP前端开发

微信小程序开发在Centos 6.8下利用letsencrypt.sh脚本为nginx配置免费https证书步骤

百变鹏仔 3天前 #前端问答
文章标签 程序开发

最近在做微信小程序商城开发的时候,阅读官方api文档发现要求https,

    wx.request(OBJECT)

    wx.request发起的是 HTTPS 请求。

于是开始了在Centos 6.8下利用letsencrypt.sh脚本为nginx 配置免费https(Let's Encrypt SSL证书)的路程。

1、下载letsencrypt.sh

# wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.conf# wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh

2、修改letsencrypt.conf文件的参数

# vim letsencrypt.conf # only modify the values, key files will be generated automaticly.ACCOUNT_KEY="letsencrypt-account.key" DOMAIN_KEY="mtian.net.key"DOMAIN_DIR="/usr/local/nginx/html"  #网站的根目录DOMAINS="DNS:mtian.net,DNS:www.mtian.net" #你的网站域名,多个域名用,号分隔#ECC=TRUE#LIGHTTPD=TRUE

3、执行文件,生成https所需要的ssl证书文件

添加执行权限并执行# chmod +x letsencrypt.sh   # ./letsencrypt.sh letsencrypt.conf   运行完成后会在当前目录生成如下文件letsencrypt-account.key  lets-encrypt-x3-cross-signed.pem  mtian.csrletsencrypt.conf         mtian.chained.crt                 mtian.net.keyletsencrypt.sh           mtian.crt

5、修改nginx配置文件,加入https

# vim /usr/local/nginx/conf/nginx.conf          server {        listen       443 ssl;        server_name  www.mtian.net;         ssl on;                 ssl_certificate /usr/local/nginx/conf/mtian.chained.crt;        ssl_certificate_key /usr/local/nginx/conf/mtian.net.key;          location / {            root   html;            index  index.html index.htm;        }    }

6、复制letsencrypt.sh生成的mtian.chained.crt和mtian.net.key 件到 nginx.conf中指定的目录/usr/local/nginx/conf/

# cp  mtian.chained.crt /usr/local/nginx/conf/# cp  mtian.net.key  /usr/local/nginx/conf/

7、重启nginx

# service nginx restart Stopping nginx:                                            [  OK  ]Starting nginx:                                            [  OK  ]

8、打开浏览器访问https://www.mtian.net/,火狐和谷歌都可以正常访问并且有绿色的锁,https配置完成。