Apply cert for domain

发表于 更新于 分类于 Disqus:

Apply cert for domain

this article is apply cert for domain on ubuntu 22.04

Install nginx

1
sudo apt install nginx

Install snap

1
2
3
4
sudo snap install core
sudo snap refresh core
# Remove certbot-auto and any Certbot OS packages
sudo apt-get remove certbot

Install certbot

1
2
3
4
5
6
7
8
9
#Install Certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo snap set certbot trust-plugin-with-root=ok
#Install correct DNS plugin
sudo snap install certbot-dns-aliyun
sudo snap set certbot trust-plugin-with-root=ok
sudo snap connect certbot:plugin certbot-dns-aliyun
/snap/bin/certbot plugins

Set up DNS credentials of aliyun

Go to https://ram.console.aliyun.com Apply AliYun child account And Set AliyunDNSFullAccess permission。Then create AccessKey for child account。

create certbot-dns-aliyun config:

1
2
3
4
5
6
cat > /home/ubuntu/aliyun.ini <<EOF
dns_aliyun_access_key = 12345678
dns_aliyun_access_key_secret = 1234567890abcdef1234567890abcdef
EOF

chmod 600 /home/ubuntu/aliyun.ini

Apply cert for nginx

1
2
3
4
sudo certbot -i nginx -a dns-aliyun  
  --certbot-dns-aliyun:dns-aliyun-credentials /home/ubuntu/aliyun.ini 
  -d xyfy.loan 
  -d "*.xyfy.loan"