目录
概览
由于之前的机器系统使用比较久,是在几年前购买时安装的 CentOS 6.8 x64,如果升级核心版本需要重装系统,在此之际又想体验一下新机器和新配置网络带宽,遂重新下单了一台阿里云 ECS,经过综合比较和自身实际需求,最终选择了 Aliyun Linux 系统,Aliyun Linux 和最新 CentOS 的 Linux 内核系统版本相近以及操作模式兼容,并且可以长期支持服务,下面就我最近两天从新机到安装使用过程碰到的问题做一个记录,以备自查或可以帮助有需要的朋友。
关于版本
Aliyun Linux 系统完整版本号是 Aliyun Linux release 2.1903 LTS (Hunting Beagle) ,Hello, Hunting Beagle!
IP 地址
如果对新购买 ECS 分配的公网 IP 地址不满意,可以在购买后的 6 小时内申请更换,支持更换三次。
扩展要点
以下安装配置流程同样适用于腾讯云联合发行的 OpenCloudOS 操作系统
Nginx
安装服务
yum install nginx -y启动服务
systemctl start nginx开机启动
systemctl enable nginx.service
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.配置服务
网站数据目录:/usr/share/nginx/html
配置数据目录:/etc/nginx/nginx.conf
默认情况下此时通过服务器 IP 可以访问默认首页了,如果要进一步设置,可以通过默认模板 nginx.conf 进行配置,或者新建 new.conf 来重新单独编写配置文件。
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers PROFILE=SYSTEM;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}PHP
安装服务
yum 方式安装
yum install php php-fpm -y开机启动
systemctl enable php-fpm.service
Created symlink /etc/systemd/system/multi-user.target.wants/php-fpm.service → /usr/lib/systemd/system/php-fpm.service.升级版本
升级到 php7.x.x.x
由于最新版本 Wordpess 需要较新版本 php,所以得把系统自带的 php 5.x.xx 手工升级,自带的 yum 源最新可用已经是 5.x.xx。
php -v #查看已安装的 php 版本
PHP 5.4.16 (cli) (built: Apr 2 2020 14:36:36)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologiesyum list installed |grep php #查看已安装的 php 程序条目
php.x86_64 5.4.16-48.1.al7 @updates
php-bcmath.x86_64 5.4.16-48.1.al7 @updates
php-cli.x86_64 5.4.16-48.1.al7 @updates
php-common.x86_64 5.4.16-48.1.al7 @updates
php-fedora-autoloader.noarch 1.0.1-2.el7 @epel
php-fpm.x86_64 5.4.16-48.1.al7 @updates
php-gd.x86_64 5.4.16-48.1.al7 @updates
php-mbstring.x86_64 5.4.16-48.1.al7 @updates
php-mysql.x86_64 5.4.16-48.1.al7 @updates
php-pdo.x86_64 5.4.16-48.1.al7 @updates
php-php-gettext.noarch 1.0.12-1.el7 @epel
php-process.x86_64 5.4.16-48.1.al7 @updates
php-tcpdf.noarch 6.2.26-1.el7 @epel
php-tcpdf-dejavu-sans-fonts.noarch 6.2.26-1.el7 @epel
php-tidy.x86_64 5.4.16-9.el7 @epel
php-xml.x86_64 5.4.16-48.1.al7 @updates
phpMyAdmin.noarch 4.4.15.10-4.el7 @epel yum remove php* #删除所有旧版的 php 程序
Loaded plugins: fastestmirror
Resolving Dependencies
--> Running transaction check
---> Package php.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-bcmath.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-cli.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-common.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-fedora-autoloader.noarch 0:1.0.1-2.el7 will be erased
---> Package php-fpm.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-gd.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-mbstring.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-mysql.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-pdo.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-php-gettext.noarch 0:1.0.12-1.el7 will be erased
---> Package php-process.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package php-tcpdf.noarch 0:6.2.26-1.el7 will be erased
---> Package php-tcpdf-dejavu-sans-fonts.noarch 0:6.2.26-1.el7 will be erased
---> Package php-tidy.x86_64 0:5.4.16-9.el7 will be erased
---> Package php-xml.x86_64 0:5.4.16-48.1.al7 will be erased
---> Package phpMyAdmin.noarch 0:4.4.15.10-4.el7 will be erased
--> Finished Dependency Resolution
…… #这里省略很多过程细节
Complete!rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm #添加第三方 yum 包
Retrieving https://mirror.webtatic.com/yum/el7/epel-release.rpm
warning: /var/tmp/rpm-tmp.pHwGN8: Header V4 RSA/SHA1 Signature, key ID 62e74ca5: NOKEY
Preparing... ################################# [100%]
package epel-release-7-12.noarch (which is newer than epel-release-7-5.noarch) is already installedrpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm #添加第三方 yum 包的 webtatic 库
Retrieving https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
warning: /var/tmp/rpm-tmp.yv8wmd: Header V4 RSA/SHA1 Signature, key ID 62e74ca5: NOKEY
Preparing... ################################# [100%]
package webtatic-release-7-3.noarch is already installedyum list php72* #查看 php 可用安装版本包
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* webtatic: uk.repo.webtatic.com
Available Packages
php72w-bcmath.x86_64 7.2.27-1.w7 webtatic
php72w-cli.x86_64 7.2.27-1.w7 webtatic
php72w-common.x86_64 7.2.27-1.w7 webtatic
php72w-dba.x86_64 7.2.27-1.w7 webtatic
php72w-devel.x86_64 7.2.27-1.w7 webtatic
php72w-embedded.x86_64 7.2.27-1.w7 webtatic
php72w-enchant.x86_64 7.2.27-1.w7 webtatic
php72w-fpm.x86_64 7.2.27-1.w7 webtatic
php72w-gd.x86_64 7.2.27-1.w7 webtatic
php72w-imap.x86_64 7.2.27-1.w7 webtatic
php72w-interbase.x86_64 7.2.27-1.w7 webtatic
php72w-intl.x86_64 7.2.27-1.w7 webtatic
php72w-ldap.x86_64 7.2.27-1.w7 webtatic
php72w-mbstring.x86_64 7.2.27-1.w7 webtatic
php72w-mysql.x86_64 7.2.27-1.w7 webtatic
php72w-mysqlnd.x86_64 7.2.27-1.w7 webtatic
php72w-odbc.x86_64 7.2.27-1.w7 webtatic
php72w-opcache.x86_64 7.2.27-1.w7 webtatic
php72w-pdo.x86_64 7.2.27-1.w7 webtatic
php72w-pdo_dblib.x86_64 7.2.27-1.w7 webtatic
php72w-pear.noarch 1:1.10.4-1.w7 webtatic
php72w-pecl-apcu.x86_64 5.1.9-1.w7 webtatic
php72w-pecl-apcu-devel.x86_64 5.1.9-1.w7 webtatic
php72w-pecl-geoip.x86_64 1.1.1-1.2.w7 webtatic
php72w-pecl-igbinary.x86_64 2.0.5-1.w7 webtatic
php72w-pecl-igbinary-devel.x86_64 2.0.5-1.w7 webtatic
php72w-pecl-imagick.x86_64 3.4.3-1.2.w7 webtatic
php72w-pecl-imagick-devel.x86_64 3.4.3-1.2.w7 webtatic
php72w-pecl-libsodium.x86_64 1.0.6-1.2.w7 webtatic
php72w-pecl-memcached.x86_64 3.0.4-1.w7 webtatic
php72w-pecl-mongodb.x86_64 1.5.3-1.w7 webtatic
php72w-pecl-redis.x86_64 3.1.6-1.w7 webtatic
php72w-pecl-xdebug.x86_64 2.6.1-1.w7 webtatic
php72w-pgsql.x86_64 7.2.27-1.w7 webtatic
php72w-phpdbg.x86_64 7.2.27-1.w7 webtatic
php72w-process.x86_64 7.2.27-1.w7 webtatic
php72w-pspell.x86_64 7.2.27-1.w7 webtatic
php72w-recode.x86_64 7.2.27-1.w7 webtatic
php72w-snmp.x86_64 7.2.27-1.w7 webtatic
php72w-soap.x86_64 7.2.27-1.w7 webtatic
php72w-sodium.x86_64 7.2.27-1.w7 webtatic
php72w-tidy.x86_64 7.2.27-1.w7 webtatic
php72w-xml.x86_64 7.2.27-1.w7 webtatic
php72w-xmlrpc.x86_64 7.2.27-1.w7 webtaticyum install php72w php72w-opcache php72w-xml php72w-mcrypt php72w-gd php72w-devel php72w-mysqlnd php72w-intl php72w-mbstring php72w-pear php72w-pdo php72w-fpm #安装 php7.2.xx 及插件
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* webtatic: uk.repo.webtatic.com
No package php72w-mcrypt available.
Resolving Dependencies
…… #这里省略很多安装过程
Installed:
mod_php72w.x86_64 0:7.2.27-1.w7 php72w-devel.x86_64 0:7.2.27-1.w7 php72w-fpm.x86_64 0:7.2.27-1.w7
php72w-gd.x86_64 0:7.2.27-1.w7 php72w-intl.x86_64 0:7.2.27-1.w7 php72w-mbstring.x86_64 0:7.2.27-1.w7
php72w-mysqlnd.x86_64 0:7.2.27-1.w7 php72w-opcache.x86_64 0:7.2.27-1.w7 php72w-pdo.x86_64 0:7.2.27-1.w7
php72w-pear.noarch 1:1.10.4-1.w7 php72w-xml.x86_64 0:7.2.27-1.w7
Dependency Installed:
autoconf.noarch 0:2.69-11.2.al7 automake.noarch 0:1.13.4-3.2.al7 libargon2.x86_64 0:20161029-3.el7
libicu.x86_64 0:50.2-4.1.al7 perl-Test-Harness.noarch 0:3.28-3.1.al7 perl-Thread-Queue.noarch 0:3.02-2.1.al7
php72w-cli.x86_64 0:7.2.27-1.w7 php72w-common.x86_64 0:7.2.27-1.w7 php72w-process.x86_64 0:7.2.27-1.w7
Complete!php -v #查看更新版本号
PHP 7.2.27 (cli) (built: Jan 26 2020 15:49:49) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.27, Copyright (c) 1999-2018, by Zend Technologies完成 php7.x.xx 的安装。
PHP-FPM
安装好了 PHP 和 PHP-FPM 后,启动服务发现还是不能正常访问 php 文件,变成下载了,这个就是没有处理 php 文件,我同样按之前思路去找配置文件,在/etc/nginx/里面的 nginx.conf 配置文件里耗费了很多时间才查到原因,以下附上常规的简洁 Nginx 配置模板。
# The default server
# conf_file in /etc/nginx/conf.d/
server {
listen 80;
# listen 80 default_server;
# listen [::]:80 default_server;
server_name get.hexingxing.cn;
root /www/get;
#rewrite ^(.*)$ https://$host$1 permanent;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
index index.html index.htm index.php;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME /www/get$fastcgi_script_name;
include fastcgi_params;
}
}MariaDB
安装服务
yum install mariadb mariadb-server -y #安装 mariadb
Installed:
mariadb.x86_64 1:5.5.65-1.1.al7
mariadb-server.x86_64 1:5.5.65-1.1.al7
Dependency Updated:
mariadb-libs.x86_64 1:5.5.65-1.1.al7
perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.1.al7 perl-Compress-Raw-Zlib.x86_64 1:2.06
perl-DBD-MySQL.x86_64 0:4.023-6.1.al7 perl-DBI.x86_64 0:1.627-4.1.al7
perl-Data-Dumper.x86_64 0:2.145-3.1.al7 perl-IO-Compress.noarch 0:2.061-2.1.
perl-Net-Daemon.noarch 0:0.48-5.1.al7 perl-PlRPC.noarch 0:0.2020-14.1.al7
Complete!启动服务
systemctl start mariadb.service开机启动
systemctl enable mariadb
Created symlink /etc/systemd/system/mysql.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/mysqld.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.配置服务
配置安全选项
mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): #初次配置无密码可直接回车,有密码输入密码回车
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y #是否设置 root 用户密码,输入 y 并回车或直接回车
New password: #设置 root 用户的密码
Re-enter new password: #再输入一次你设置的密码
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y #是否删除匿名用户, 生产环境建议删除
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y #是否禁止 root 远程登录, 根据自己的需求选择 Y/n 并回车, 建议禁止
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] #是否删除 test 数据库, 直接回车
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] #是否重新加载权限表,直接回车
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB! #最后看到这个提示说明已经配置成功重新启动 MariaDB
systemctl restart mariadb.servicephpMyAdmin
配置 phpMyAdmin 管理数据库
cd /var/www/html #切换到 web 目录wget https://files.phpmyadmin.net/phpMyAdmin/4.9.5/phpMyAdmin-4.9.5-all-languages.tar.gz #官网下载最新版 PMAtar zxvf phpMyAdmin-4.9.5-all-languages.tar.gz #解压mv phpMyAdmin-4.9.5-all-languages phpmyadminkadsfjkafdj #修改文件目录的名称通过 https://myweb.com/phpmyadminkadsfjkafdj 访问管理数据库
导入数据
导入数据库报错:没有接收到要导入的数据。
登录数据管理平台 phpMyAdmin 操作时,php 默认配置的上传文件大小是 2M,如果导入的数据库文件大于 2M 将会报错,提示 “没有接收到要导入的数据。可能是文件名没有提交,也可能是文件大小超出 PHP 限制。参见 FAQ 1.16。”,此时根据 FAQ 1.16 的文档指引,编辑 php.ini 文件,vi /etc/php.ini,编辑模式下搜索关键字段 /post_max_size,修改其值为 12M,搜索关键字段 /upload_max_filesize,修改其值为 10M,其中,该值 post_max_size 必须大于 upload_max_filesize,现在可以上传了。
以上官方文档即在自己服务器的 phpMyAdmin 目录下,https://yourdomain.com/phpMyAdmin-dirname/doc/html/faq.html#faq1-16
导入数据库报错:#1046 - No database selected
错误:MySQL 反回:#1046 - No database selected
原因:错误原因是因为导入时未选择 左侧数据库
解决方法:导入数据库正确操作顺序:点击左侧对应数据库名称(如:test)> 点击右侧顶部 “导入” 按钮。
导入 WordPress xml 数据:为运行程序加权
安装导入器插件时显示 “安装失败: 无法复制文件。 wordpress-importer/class-wp-import.php”,这个我有经验,因为 WordPress 程序没有权限创建文件,运行以下命令完成授权。
chown -R apache:apache worepress #apache 是 wordpress 程序用户名,wordpress 是程序所在目录名称完成以上命令授权后,即可导入数据。
导入数据库和导入 WordPress 只选其一即可,不用两个都执行,否则会重复两份数据或内容重复,如果只有 WordPress 有使用数据库,建议使用 “导入 WordPress xml 数据” 方法导入即可,这样就不会出现多余数据库和无用数据,纯净的 WordPress 数据。
如果数据库还用于其他程序,那么先导入数据库,再导入 WordPress xml 数据,这样最终以 WordPress xml 的数据做最终更新,以此为最终版本数据。
如果是更换域名后导入那么可以在导入选项时勾选下载并导入附件,并保持原域名还可以正常访问,即可下载附件或导入到新的 WordPress。
如果是之前和现在更新的是同一个域名,那就无法下载附件并导入了,因为现在的域名指向的正是当前操作的 WordPress,所以从当前网站找附件是无法找到的,最好的方法就是从之前的 WordPress 目录通过之前说的内网 scp 方式或 ftp 方法将 “/wordpress/wp-content/uploads” 目录传输到当前 WordPress 程序对应目录下即可完成链接导入。
内网迁移
使用 scp 命令将数据在内网快速传输
scp -r root@内网服务器 IP 地址:/被拷贝数据的目录或文件位置 /当前服务器的目录位置这个功能很方便,连接成功后确认对方服务器身份以及输入密码后即可完成迁移,速度在 60MB/s 左右,但是只能针对静态数据,如果是网站还在运行,在迁移时网站产生的数据将会丢失或重复,建议在闲时停机操作。
数据备份
将原服务器全盘备份
其实这个标题有些过了,当时是想做全盘备份的,但想想也不是全部都要用,做全盘操作一来时间会比较久,二来即使备份好了,也不是全盘的数据以后都要用,所以还是选了备份自己确保可能后面要用的相关目录,其中包括实际数据和程序相关配置文件,方便以后参考。
- 网站数据目录:/wwwroot
- 网站数据备份目录:/wwwrootbackup
- 数据库导出目录:/var/lib/phpMyAdmin/save/
- NGINX 配置文件目录:/etc/nginx/
插件问题
Easy Hide Login
WordPress 迁移后,之前用的 Easy Hide Login 使用配置的方法不能登录了,遂通过 ftp 方式将插件先重命名,再通过默认的方式访问登录页面,登录进来后才发现原来默认的字段是 root,我当时有想过可能是恢复默认了,但是却没有想到是这个,现在想想也应该是这个,当时也没有查官方文档,所以就直接干脆重命名插件目录来解决。
Easy Hide Login
Slug Text :root
Login url demo: example.com?slug_text域名证书
Let's Encrypt
wget https://dl.eff.org/certbot-auto #下载安装程序
--2020-06-05 19:41:31-- https://dl.eff.org/certbot-auto
Resolving dl.eff.org (dl.eff.org)... 151.101.228.201, 2a04:4e42:1a::201
Connecting to dl.eff.org (dl.eff.org)|151.101.228.201|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 79897 (78K) [application/octet-stream]
Saving to: ‘certbot-auto’
100%[=============================================================================================>] 79,897 240KB/s in 0.3s
2020-06-05 19:41:32 (240 KB/s) - ‘certbot-auto’ saved [79897/79897]mv certbot-auto /certbot/ #移动安装程序到中意目录chown root /certbot/certbot-auto #添加到组chmod 0755 /certbot/certbot-auto #配置权限/certbot/certbot-auto #安装证书程序
Bootstrapping dependencies for RedHat-based OSes... (you can skip this with --no-bootstrap)
yum is /usr/bin/yum
yum is hashed (/usr/bin/yum)
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Package gcc-4.8.5-39.1.al7.x86_64 already installed and latest version
Package 1:openssl-1.0.2k-19.2.al7.x86_64 already installed and latest version
Package ca-certificates-2019.2.32-76.1.al7.noarch already installed and latest version
……
Install 9 Packages (+24 Dependent packages)
Upgrade ( 6 Dependent packages)
Total download size: 19 M
Is this ok [y/d/N]: y
……
Complete!
Creating virtual environment...
Installing Python packages...
Installation succeeded.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate and install certificates?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Apache Web Server plugin (apache)
2: Nginx Web Server plugin (nginx)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 #选择 apache 或 nginx 程序
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): it@hexingxing.cn #输入你常用的邮箱地址
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: a #接受协议或条款,必选 a
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: n #是否可以公开你的邮箱地址
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): //第一种情况:没有检测到域名配置文件,手动输入域名
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: ssl.hexingxing.cn //第二种情况,如果系统有配置文件,这里会显示你服务器已配置的域名列表
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): #选择你要创建证书的域名或者回车全选
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for ssl.hexingxing.cn
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/nginx.conf
Redirecting all traffic on port 80 to ssl in /etc/nginx/nginx.conf #新版本默认重定向到 https
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://ssl.hexingxing.cn #恭喜! 您已成功启用 https://ssl.hexingxing.cn
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=ssl.hexingxing.cn #访问此链接测试你的 HTTPS 质量
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
…… #此处省略了很多字,关于证书密钥文件的存放情况以及到期时间
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le{certbot 的绝对或相对路径}/certbot-auto renew --dry-run #测试手动模拟更新证书
友情提示:本站所有文章,如无特殊说明或标注,均为何星星原创发布。与此同时,趋于近年来本站的文章内容频繁被他站盗用与机器采集,现已全局禁用网站文字内容操作,了解详情或转载文章请 点此 继续!
0 条评论