==== CentOS 6 ==== - 建立 /root/lets-encrypt/authenticator.sh cd /root/lets-encrypt/ wget https://svn.ichiayi.com/opensvn/opentrysoft/certbot/authenticator.sh chmod a+x authenticator.sh - 建立 /root/lets-encrypt/cleanup.sh cd /root/lets-encrypt/ wget https://svn.ichiayi.com/opensvn/opentrysoft/certbot/cleanup.sh chmod a+x cleanup.sh - 取得 CloudFlare 的 Zone ID 與 Global API Key 更改 authenticator.sh 與 cleanup.sh 內容 : API_KEY="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" EMAIL="xxx@xxx.xxx" ZONE_ID="xxxxxxxxxxxxxxx" : ++看 CloudFlare 取得 Zone ID / Global API Key 畫面| {{:tech:2019031501.png}} \\ {{:tech:2019031502.png}} \\ {{:tech:2019031503.png}} \\ {{:tech:2019031504.png}} \\ {{:tech:2019031505.png}}++ - 執行取得 SSL 憑證命令 Exp. erp.ichiayi.com /root/lets-encrypt/certbot-auto certonly --manual --preferred-challenges=dns --manual-auth-hook /root/lets-encrypt/authenticator.sh --manual-cleanup-hook /root/lets-encrypt/cleanup.sh -d erp.ichiayi.com * 設定憑證到期自動更新 - 建立 /root/lets-encrypt/renewcert.sh Exp. erp.ichiayi.com vi /root/lets-encrypt/renewcert.sh /root/lets-encrypt/certbot-auto renew --preferred-challenges=dns --manual-auth-hook /root/lets-encrypt/authenticator.sh --manual-cleanup-hook /root/lets-encrypt/cleanup.sh --agree-tos - 設定執行權限 chmod a+x /root/lets-encrypt/renewcert.sh - 設定每天 4:30 執行自動檢查一次 vi /etc/crontab : # erp.ichiayi.com SSL cert auto renew 30 4 * * * root /root/lets-encrypt/renewcert.sh > /tmp/certrenew.log service crond restart