以下是Acme申请证书相关,替换一下域名执行命令就完了
curl https://get.acme.sh | sh
source ~/.bashrc
acme.sh --version
/root/.acme.sh/acme.sh --set-default-ca --server letsencrypt
domain="blog.nodeloc.com" ; /root/.acme.sh/acme.sh --issue -d "$domain" -w /usr/local/lsws/wordpress
acme.sh --renew -d blog.nodeloc.com --force证书生成后,会有相应的证书地址
[Mon Mar 18 03:44:48 PM GMT 2024] Your cert is in: /root/.acme.sh/blog.nodeloc.com_ecc/blog.nodeloc.com.cer
[Mon Mar 18 03:44:48 PM GMT 2024] Your cert key is in: /root/.acme.sh/blog.nodeloc.com_ecc/blog.nodeloc.com.key
[Mon Mar 18 03:44:48 PM GMT 2024] The intermediate CA cert is in: /root/.acme.sh/blog.nodeloc.com_ecc/ca.cer
[Mon Mar 18 03:44:48 PM GMT 2024] And the full chain certs is there: /root/.acme.sh/blog.nodeloc.com_ecc/fullchain.cer将相应的地址填入 openlitespeed的对应 的ssl中即可
将http自动重定向到 https
rewriteCond %{HTTPS} !on
rewriteCond %{HTTP:X-Forwarded-Proto} !https
rewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]如下图
保存后重启,现在SSL证书已经是自动更新的了,是不是很简单!
发表回复