설치
[darksharavim.tistory.com] git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
명령어 실행
[darksharavim.tistory.com] letsencrypt-auto certonly \
--manual \
--preferred-challenges=dns \
--email [이메일주소] \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos \
--no-bootstrap \
-d [도메인] \
-d *.[도메인]
or
[darksharavim.tistory.com] certbot certonly --manual \
--preferred-challenges=dns \
--email [이메일주소] \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos \
--no-bootstrap \
-d [도메인] \
-d *.[도메인]
명령어를 실행하면 아래처럼 메시지가 뜹니다.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o:
Y를 눌러줍니다.
그다음 아래와 같이 또 메시지가 뜹니다.
Starting new HTTPS connection (1): supporters.eff.org
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for [도메인]
dns-01 challenge for [도메인]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.
Are you OK with your IP being logged?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o:
마찬가지로 Y를 눌러줍니다.
그러면 아래와 같이 DNS에 TXT레코드를 등록하라고 뜨면
사용중인 네임서버에 TXT레코드를 등록시켜주고 엔터를 입력합니다.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name
_acme-challenge.[도메인] with the following value:
VJtRPoJ6ythvRJWjkxHRbo5s0QHrD9hyFBI8zUCuQbU
Before continuing, verify the record is deployed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[darksharavim.tistory.com] ls -al
합계 4
drwxr-xr-x 2 root root 93 1월 9 08:27 .
drwx------ 3 root root 41 1월 9 08:27 ..
-rw-r--r-- 1 root root 692 1월 9 08:27 README
lrwxrwxrwx 1 root root 37 1월 9 08:27 cert.pem -> ../../archive/[도메인]/cert1.pem
lrwxrwxrwx 1 root root 38 1월 9 08:27 chain.pem -> ../../archive/[도메인]/chain1.pem
lrwxrwxrwx 1 root root 42 1월 9 08:27 fullchain.pem -> ../../archive/[도메인]/fullchain1.pem
lrwxrwxrwx 1 root root 40 1월 9 08:27 privkey.pem -> ../../archive/[도메인]/privkey1.pem
출처 : https://idchowto.com/?p=45650
'# Operation System > Linux' 카테고리의 다른 글
geoip 유료화 (0) | 2019.01.18 |
---|---|
pwgen 이용 접속시 변경된 패스워드 텔레그램 푸시 (0) | 2019.01.15 |
LetsEncrypt - 무료ssl인증서 발급 (0) | 2019.01.06 |
CentOS7 초기 설정 (0) | 2019.01.06 |
[모니터링툴]자빅스 3.5 설치 (0) | 2018.08.02 |
안녕하세요. 이곳은 IT위주의 잡다한 정보를 올려두는 개인 블로그입니다.
포스팅이 좋았다면 "좋아요❤️" 또는 "구독👍🏻" 해주세요!