“FreeBSD:Apache Let's Encrypt”与“CentOS:网络配置”：页面之间的差异

2019年1月23日 (三) 09:09的版本

/etc/sysconfig/network-scripts/ifcfg-enp0s3

ON_BOOT=yes

service network restart

@@ 第1行： / 第1行： @@
-<source lang="bash">
-pkg search certbot
+/etc/sysconfig/network-scripts/ifcfg-enp0s3
-pkg install py27-certbot
+<source lang="properties">
+ON_BOOT=yes
 </source>
-启用 mod_ssl:
-/usr/local/etc/apache24/httpd.conf
-<pre>
-LoadModule ssl_module libexec/apache24/mod_ssl.so
-</pre>
-/usr/local/etc/apache24/modules.d/020_mod_ssl.conf
-<pre>
-Listen 443
-SSLProtocol ALL -SSLv2 -SSLv3
-SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
-SSLPassPhraseDialog  builtin
-SSLSessionCacheTimeout  300
-</pre>
-配置.well-known:
-在 httpd.conf 中加入
-<pre>
-<Directory "/usr/local/www/.well-known/">
-   Options None
-   AllowOverride None
-   Require all granted
-   Header add Content-Type text/plain
-</Directory>
-</pre>
-然后在每一个 virtualhost 中增加：
-<pre>
-<VirtualHost *:80>
-    Alias /.well-known/ /usr/local/www/.well-known/
-    ServerName riguz.com
-</pre>
-这样完了后就可以生成证书了：
 <source lang="bash">
-certbot certonly \
+service network restart
---webroot \
--w /usr/local/www/ \
--d riguz.com \
--d www.riguz.com \
--d blog.riguz.com \
--d wiki.riguz.com \
--d view.riguz.com \
--d bug.riguz.com
 </source>
-完了为每一个 virtualhost 配置 ssl:
-<pre>
-<VirtualHost *:443>
-        SSLEngine on
-	SSLCertificateFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/cert.pem"
-	SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/privkey.pem"
-	SSLCertificateChainFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/fullchain.pem"
-...
-</pre>
-注： certbot renew的时候，不能强制http -> https
-<pre>
-RewriteEngine off
-RewriteCond %{SERVER_NAME} =riguz.com
-RewriteRule ^ https://riguz.com%{REQUEST_URI} [END,NE,R=permanent
-</pre>
 [[Category:Linux/Unix]]