{"id":6006,"date":"2019-11-08T11:05:11","date_gmt":"2019-11-08T03:05:11","guid":{"rendered":"https:\/\/blog.hoyo.idv.tw\/?p=6006"},"modified":"2019-11-08T11:12:04","modified_gmt":"2019-11-08T03:12:04","slug":"lets-encrypt-certbot-%e5%85%8d%e8%b2%bb-ssl-0-40-1","status":"publish","type":"post","link":"https:\/\/blog.hoyo.idv.tw\/?p=6006","title":{"rendered":"Let\u2019s Encrypt + certbot : \u514d\u8cbb SSL (0.40.1)"},"content":{"rendered":"<p>\u672c\u6587\u5c0d\u61c9\u7248\u672c\uff1a<span style=\"color: #cc2929;\"><strong>0.40.1<\/strong><\/span><\/p>\n<ul>\n<li><a href=\"https:\/\/letsencrypt.org\/\" target=\"_blank\" rel=\"noopener\">Let's Encrypt - Free SSL\/TLS Certificates<\/a><\/li>\n<li><a href=\"https:\/\/certbot.eff.org\/\" target=\"_blank\" rel=\"noopener\">Certbot<\/a><\/li>\n<li><a class=\"current reference internal\" href=\"https:\/\/certbot.eff.org\/docs\/using.html?#\" target=\"_blank\" rel=\"noopener\">User Guide<\/a><\/li>\n<\/ul>\n<p>--<\/p>\n<h2>\u4e0b\u8f09\u3001\u5b89\u88dd<\/h2>\n<pre class=\"lang:default decode:true\"># wget https:\/\/dl.eff.org\/certbot-auto\r\n# chmod a+x .\/certbot-auto\r\n# .\/certbot-auto<\/pre>\n<p>\u4e0b\u8f09\u5f8c\u52a0\u4e0a\u57f7\u884c\u5c6c\u6027\uff0c\u88f8\u57f7\u884c\u4e00\u4e0b\u8b93\u7a0b\u5f0f\u81ea\u52d5\u66f4\u65b0\u53ca\u88dc\u4e0a\u7cfb\u7d71\u7f3a\u5c11\u7684\u5957\u4ef6<\/p>\n<p>--<\/p>\n<h2>mod_socache_shmcb.so<\/h2>\n<pre class=\"lang:default decode:true\"># vi \/etc\/httpd\/conf.modules.d\/00-base.conf\r\n\r\nLoadModule socache_shmcb_module modules\/mod_socache_shmcb.so<\/pre>\n<p>\u5c07\u00a0mod_socache_shmcb.so \u8a3b\u89e3\u79fb\u9664<\/p>\n<p>\u91cd\u65b0\u555f\u52d5 httpd<\/p>\n<p>--<\/p>\n<h2>\u5b89\u88dd\u8b49\u66f8 by \u7db2\u7ad9<\/h2>\n<pre class=\"lang:default decode:true\">.\/certbot-auto certonly --apache<\/pre>\n<p>\u56e0\u70ba\u6c92\u6709 DNS \u6b0a\u9650\uff0c\u5148\u6e2c\u8a66\u4e86\u55ae\u4e00\u7db2\u7ad9\u7684\u5b89\u88dd\uff0ccertbot \u6703\u81ea\u52d5\u5075\u6e2c apache \u8a2d\u5b9a\u6a94\u6293\u53d6\u7db2\u7ad9\uff0c\u8b49\u66f8\u5b58\u653e\u5728\u00a0<strong>\/etc\/letsencrypt\/live\/*<\/strong> \u5167<\/p>\n<p>--<\/p>\n<h2>etc\/httpd\/conf.d\/ssl.conf \u7bc4\u4f8b<\/h2>\n<pre class=\"lang:default decode:true\">&lt;VirtualHost _default_:443&gt;\r\n\r\n    DocumentRoot \"\/srv\/htdocs\/linepay\"\r\n    ServerName linepaylabs.dae.tw:443\r\n\r\n    SSLEngine on\r\n    SSLProtocol all -SSLv2 -SSLv3\r\n    SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA\r\n    SSLCertificateFile \/etc\/letsencrypt\/live\/linepaylabs.dae.tw\/cert.pem\r\n    SSLCertificateKeyFile \/etc\/letsencrypt\/live\/linepaylabs.dae.tw\/privkey.pem\r\n    SSLCertificateChainFile \/etc\/letsencrypt\/live\/linepaylabs.dae.tw\/fullchain.pem\r\n\r\n    &lt;Files ~ \"\\.(cgi|shtml|phtml|php3?)$\"&gt;\r\n        SSLOptions +StdEnvVars\r\n    &lt;\/Files&gt;\r\n    &lt;Directory \"\/var\/www\/cgi-bin\"&gt;\r\n        SSLOptions +StdEnvVars\r\n    &lt;\/Directory&gt;\r\n\r\n    BrowserMatch \"MSIE [2-5]\" \\\r\n             nokeepalive ssl-unclean-shutdown \\\r\n             downgrade-1.0 force-response-1.0\r\n\r\n    #   Per-Server Logging:\r\n    #   The home of a custom SSL log file. Use this when you want a\r\n    #   compact non-error SSL logfile on a virtual host basis.\r\n    CustomLog logs\/ssl_request_log \\\r\n              \"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \\\"%r\\\" %b\"\r\n\r\n&lt;\/VirtualHost&gt;<\/pre>\n<p>--<\/p>\n<div class=\"pvc_clear\"><\/div>\n<p class=\"pvc_stats all \" data-element-id=\"6006\" style=\"\"><i class=\"pvc-stats-icon medium\" aria-hidden=\"true\"><svg aria-hidden=\"true\" focusable=\"false\" data-prefix=\"far\" data-icon=\"chart-bar\" role=\"img\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 512 512\" class=\"svg-inline--fa fa-chart-bar fa-w-16 fa-2x\"><path fill=\"currentColor\" d=\"M396.8 352h22.4c6.4 0 12.8-6.4 12.8-12.8V108.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v230.4c0 6.4 6.4 12.8 12.8 12.8zm-192 0h22.4c6.4 0 12.8-6.4 12.8-12.8V140.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v198.4c0 6.4 6.4 12.8 12.8 12.8zm96 0h22.4c6.4 0 12.8-6.4 12.8-12.8V204.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v134.4c0 6.4 6.4 12.8 12.8 12.8zM496 400H48V80c0-8.84-7.16-16-16-16H16C7.16 64 0 71.16 0 80v336c0 17.67 14.33 32 32 32h464c8.84 0 16-7.16 16-16v-16c0-8.84-7.16-16-16-16zm-387.2-48h22.4c6.4 0 12.8-6.4 12.8-12.8v-70.4c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v70.4c0 6.4 6.4 12.8 12.8 12.8z\" class=\"\"><\/path><\/svg><\/i> &nbsp;1,384&nbsp;total views<\/p>\n<div class=\"pvc_clear\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u672c\u6587\u5c0d\u61c9\u7248\u672c\uff1a0.40.1 L...<\/p>\n<div class=\"pvc_clear\"><\/div>\n<p class=\"pvc_stats all \" data-element-id=\"6006\" style=\"\"><i class=\"pvc-stats-icon medium\" aria-hidden=\"true\"><svg aria-hidden=\"true\" focusable=\"false\" data-prefix=\"far\" data-icon=\"chart-bar\" role=\"img\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 512 512\" class=\"svg-inline--fa fa-chart-bar fa-w-16 fa-2x\"><path fill=\"currentColor\" d=\"M396.8 352h22.4c6.4 0 12.8-6.4 12.8-12.8V108.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v230.4c0 6.4 6.4 12.8 12.8 12.8zm-192 0h22.4c6.4 0 12.8-6.4 12.8-12.8V140.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v198.4c0 6.4 6.4 12.8 12.8 12.8zm96 0h22.4c6.4 0 12.8-6.4 12.8-12.8V204.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v134.4c0 6.4 6.4 12.8 12.8 12.8zM496 400H48V80c0-8.84-7.16-16-16-16H16C7.16 64 0 71.16 0 80v336c0 17.67 14.33 32 32 32h464c8.84 0 16-7.16 16-16v-16c0-8.84-7.16-16-16-16zm-387.2-48h22.4c6.4 0 12.8-6.4 12.8-12.8v-70.4c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v70.4c0 6.4 6.4 12.8 12.8 12.8z\" class=\"\"><\/path><\/svg><\/i> &nbsp;1,384&nbsp;total views<\/p>\n<div class=\"pvc_clear\"><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[31],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/6006"}],"collection":[{"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6006"}],"version-history":[{"count":6,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/6006\/revisions"}],"predecessor-version":[{"id":6342,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/6006\/revisions\/6342"}],"wp:attachment":[{"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6006"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6006"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6006"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}