• 安裝 DNS CloudFlare Plugin
    apt install python3-certbot-dns-cloudflare
  • 建立 /root/lets-encrypt/cloudflare.ini
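    # Keep the directory private to root and create the credentials file with
    # mode 0600 before any secret is written into it, so the API key is never
    # readable by other users, not even briefly under the default umask.
    mkdir -p /root/lets-encrypt/
    chmod 700 /root/lets-encrypt/
    ( umask 077 && touch /root/lets-encrypt/cloudflare.ini )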

    範例:

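    # Cloudflare API credentials used by Certbot
    # NOTE: dns_cloudflare_api_key is the account-wide Global API Key; anyone who
    # reads this file can act on the whole Cloudflare account. Where the installed
    # plugin version supports it (verify before switching), prefer a scoped API
    # token limited to DNS edit on the target zone, and drop the two lines below:
    #   dns_cloudflare_api_token = <YOUR_SCOPED_API_TOKEN>
    # The e-mail address and key below are placeholders, not real credentials.
    dns_cloudflare_email = user@example.com
    dns_cloudflare_api_key = 0123456789abcdef0123456789abcdef01234567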
  • 設定保護權限
    chmod 600 /root/lets-encrypt/cloudflare.ini
  • 進行申請新憑證(範例:example.com)
    # Request a new certificate for the domain. Ownership is proven with a
    # DNS-01 challenge that the plugin publishes through the Cloudflare API,
    # using the credentials file given below.
    /usr/bin/certbot certonly \
      --domain example.com \
      --dns-cloudflare \
      --dns-cloudflare-propagation-seconds 10 \
      --dns-cloudflare-credentials /root/lets-encrypt/cloudflare.ini
  • 進行定期更新憑證(範例:example.com)
    # Renew the certificates that are due for renewal.
    # NOTE(review): options passed to `certbot renew` appear to apply to every
    # certificate managed on this host, not only example.com. Confirm that all
    # of them are meant to be validated through the Cloudflare plugin.
    /usr/bin/certbot renew \
      --dns-cloudflare-propagation-seconds 10 \
      --dns-cloudflare-credentials /root/lets-encrypt/cloudflare.ini \
      --dns-cloudflare
  • 設定每天自動檢查更新
    1. 建立 /root/lets-encrypt/renewcert.sh
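      vi /root/lets-encrypt/renewcert.sh
      # File contents start here. The shebang must be the very first line of
      # the script; without it the file runs only because the calling shell
      # falls back to interpreting it itself.
      #!/bin/sh
      # Renew every certificate that is due, using the Cloudflare DNS plugin
      # and the root-only credentials file.
      /usr/bin/certbot renew \
        --dns-cloudflare \
        --dns-cloudflare-credentials /root/lets-encrypt/cloudflare.ini \
        --dns-cloudflare-propagation-seconds 10
      # File contents end here. Back in the shell: only root runs this script
      # (from cron), so make it executable for root alone rather than for all.
      chmod 700 /root/lets-encrypt/renewcert.sh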
    2. 設定 /etc/crontab
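      vi /etc/crontab
      :
      # let's encrypt
      # Log under /var/log rather than to a fixed file name in world-writable
      # /tmp, where another local user could pre-create the path that root then
      # writes to. stderr is captured as well so failed renewals are recorded.
      # NOTE(review): the Ubuntu certbot package may already ship its own
      # renewal timer (check `systemctl list-timers`); if it is active, this
      # entry is redundant.
      35 2 * * * root /root/lets-encrypt/renewcert.sh > /var/log/renewcert.log 2>&1
      # Back in the shell: on Ubuntu the service unit is "cron", not "crond".
      # cron picks up changes to /etc/crontab on its own, so this restart is
      # optional.
      systemctl restart cron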
  • tech/ssl_letsencrypt/cf_ubuntu20_04.txt
  • 上一次變更: 2021/06/23 22:45
  • jonathan