{"id":553,"date":"2025-10-23T15:20:45","date_gmt":"2025-10-23T07:20:45","guid":{"rendered":"https:\/\/trantor.ink\/?p=553"},"modified":"2025-10-23T15:21:18","modified_gmt":"2025-10-23T07:21:18","slug":"certbot-%e5%a6%82%e4%bd%95%e4%b8%ba-nginx-%e6%96%b0%e5%a2%9e%e4%ba%8c%e7%ba%a7%e5%9f%9f%e5%90%8d%e9%85%8d%e7%bd%ae%ef%bc%9f","status":"publish","type":"post","link":"https:\/\/trantor.ink\/?p=553","title":{"rendered":"certbot \u5982\u4f55\u4e3a nginx \u65b0\u589e\u4e8c\u7ea7\u57df\u540d\u914d\u7f6e\uff1f"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_81 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/trantor.ink\/?p=553\/#ssl_nginx_web\" >ssl #nginx #web<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/trantor.ink\/?p=553\/#1_%E7%A1%AE%E4%BF%9D%E5%B7%B2%E5%AE%89%E8%A3%85_Certbot_%E5%92%8C_Nginx_%E6%8F%92%E4%BB%B6\" >1. \u786e\u4fdd\u5df2\u5b89\u88c5 Certbot \u548c Nginx \u63d2\u4ef6<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/trantor.ink\/?p=553\/#2_%E6%9B%B4%E6%96%B0_Nginx_%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6\" >2. \u66f4\u65b0 Nginx \u914d\u7f6e\u6587\u4ef6<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/trantor.ink\/?p=553\/#3_%E6%A3%80%E6%9F%A5_Nginx_%E9%85%8D%E7%BD%AE%E5%B9%B6%E9%87%8D%E8%BD%BD\" >3. \u68c0\u67e5 Nginx \u914d\u7f6e\u5e76\u91cd\u8f7d<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/trantor.ink\/?p=553\/#4_%E4%BD%BF%E7%94%A8_Certbot_%E8%8E%B7%E5%8F%96_SSL_%E8%AF%81%E4%B9%A6\" >4. \u4f7f\u7528 Certbot \u83b7\u53d6 SSL \u8bc1\u4e66<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/trantor.ink\/?p=553\/#5_%E8%87%AA%E5%8A%A8%E7%BB%AD%E6%9C%9F\" >5. \u81ea\u52a8\u7eed\u671f<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"ssl_nginx_web\"><\/span>ssl #nginx #web<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">\u4f7f\u7528 Certbot \u4e3a Nginx \u65b0\u589e\u4e8c\u7ea7\u57df\u540d\u914d\u7f6e\u7684\u8fc7\u7a0b\u5982\u4e0b\uff1a<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_%E7%A1%AE%E4%BF%9D%E5%B7%B2%E5%AE%89%E8%A3%85_Certbot_%E5%92%8C_Nginx_%E6%8F%92%E4%BB%B6\"><\/span>1. \u786e\u4fdd\u5df2\u5b89\u88c5 Certbot \u548c Nginx \u63d2\u4ef6<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">\u9996\u5148\uff0c\u786e\u4fdd\u4f60\u7684\u670d\u52a1\u5668\u4e0a\u5df2\u5b89\u88c5\u4e86 Certbot \u548c Nginx \u63d2\u4ef6\u3002\u5982\u679c\u6ca1\u6709\uff0c\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u547d\u4ee4\u8fdb\u884c\u5b89\u88c5\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt update\nsudo apt install certbot python3-certbot-nginx<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_%E6%9B%B4%E6%96%B0_Nginx_%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6\"><\/span>2. \u66f4\u65b0 Nginx \u914d\u7f6e\u6587\u4ef6<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">\u7f16\u8f91\u4f60\u7684 Nginx \u914d\u7f6e\u6587\u4ef6\uff0c\u65b0\u589e\u4e00\u4e2a\u9488\u5bf9\u4e8c\u7ea7\u57df\u540d\u7684 <code>server<\/code> \u5757\u3002\u4f8b\u5982\uff0c\u5982\u679c\u4f60\u7684\u4e8c\u7ea7\u57df\u540d\u662f <code>sub.example.com<\/code>\uff0c\u5219\u5728 <code>\/etc\/nginx\/sites-available\/<\/code> \u76ee\u5f55\u4e0b\u7684\u76f8\u5e94\u914d\u7f6e\u6587\u4ef6\u4e2d\u6dfb\u52a0\u4ee5\u4e0b\u5185\u5bb9\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">server {\n    listen 80;\n    server_name sub.example.com;\n\n    location \/ {\n        proxy_pass http:\/\/localhost:\u4f60\u7684\u5e94\u7528\u7aef\u53e3;\n        proxy_set_header Host $host;\n        proxy_set_header X-Real-IP $remote_addr;\n        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n        proxy_set_header X-Forwarded-Proto $scheme;\n    }\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_%E6%A3%80%E6%9F%A5_Nginx_%E9%85%8D%E7%BD%AE%E5%B9%B6%E9%87%8D%E8%BD%BD\"><\/span>3. \u68c0\u67e5 Nginx \u914d\u7f6e\u5e76\u91cd\u8f7d<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">\u5728\u4fdd\u5b58\u914d\u7f6e\u540e\uff0c\u68c0\u67e5 Nginx \u914d\u7f6e\u6587\u4ef6\u662f\u5426\u6709\u9519\u8bef\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo nginx -t<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u5982\u679c\u6ca1\u6709\u9519\u8bef\uff0c\u91cd\u65b0\u52a0\u8f7d Nginx \u4ee5\u5e94\u7528\u65b0\u914d\u7f6e\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo systemctl reload nginx<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"4_%E4%BD%BF%E7%94%A8_Certbot_%E8%8E%B7%E5%8F%96_SSL_%E8%AF%81%E4%B9%A6\"><\/span>4. \u4f7f\u7528 Certbot \u83b7\u53d6 SSL \u8bc1\u4e66<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">\u4f7f\u7528 Certbot \u4e3a\u4f60\u7684\u4e8c\u7ea7\u57df\u540d\u83b7\u53d6 SSL \u8bc1\u4e66\u3002\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo certbot --nginx -d sub.example.com<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Certbot \u5c06\u81ea\u52a8\u66f4\u65b0 Nginx \u914d\u7f6e\u4ee5\u4f7f\u7528 SSL \u8bc1\u4e66\uff0c\u5e76\u4e3a\u4f60\u7684\u4e8c\u7ea7\u57df\u540d\u542f\u7528 HTTPS\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"5_%E8%87%AA%E5%8A%A8%E7%BB%AD%E6%9C%9F\"><\/span>5. \u81ea\u52a8\u7eed\u671f<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Certbot \u4f1a\u81ea\u52a8\u4e3a\u4f60\u914d\u7f6e\u7eed\u671f\u4efb\u52a1\u3002\u5982\u679c\u9700\u8981\u624b\u52a8\u6d4b\u8bd5\u7eed\u671f\u529f\u80fd\uff0c\u53ef\u4ee5\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo certbot renew --dry-run<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u8fd9\u6837\u5c31\u5b8c\u6210\u4e86\u4e3a Nginx \u914d\u7f6e\u4e8c\u7ea7\u57df\u540d\u5e76\u4f7f\u7528 Certbot \u83b7\u53d6 SSL \u8bc1\u4e66\u7684\u5168\u90e8\u6b65\u9aa4\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>ssl #nginx #web \u4f7f\u7528 Certbot \u4e3a Nginx \u65b0\u589e\u4e8c\u7ea7\u57df\u540d\u914d\u7f6e\u7684\u8fc7\u7a0b\u5982\u4e0b\uff1a 1. \u786e\u4fdd\u5df2\u5b89\u88c5 Certbot \u548c Nginx \u63d2\u4ef6 \u9996\u5148\uff0c\u786e\u4fdd\u4f60\u7684\u670d\u52a1\u5668\u4e0a\u5df2\u5b89\u88c5\u4e86 Certbot \u548c Nginx \u63d2\u4ef6\u3002\u5982\u679c\u6ca1\u6709\uff0c\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u547d\u4ee4\u8fdb\u884c\u5b89\u88c5\uff1a 2. \u66f4\u65b0 Nginx \u914d\u7f6e\u6587\u4ef6 \u7f16\u8f91\u4f60\u7684 Nginx \u914d\u7f6e\u6587\u4ef6\uff0c\u65b0\u589e\u4e00\u4e2a\u9488\u5bf9\u4e8c\u7ea7\u57df\u540d\u7684 server \u5757\u3002\u4f8b\u5982\uff0c\u5982\u679c\u4f60\u7684\u4e8c\u7ea7\u57df\u540d\u662f sub.example.com\uff0c\u5219\u5728 \/etc\/nginx\/sites-available\/ \u76ee\u5f55\u4e0b\u7684\u76f8\u5e94\u914d\u7f6e\u6587\u4ef6\u4e2d\u6dfb\u52a0\u4ee5\u4e0b\u5185\u5bb9\uff1a 3. \u68c0\u67e5 Nginx \u914d\u7f6e\u5e76\u91cd\u8f7d \u5728\u4fdd\u5b58\u914d\u7f6e\u540e\uff0c\u68c0\u67e5 Nginx \u914d\u7f6e\u6587\u4ef6\u662f\u5426\u6709\u9519\u8bef\uff1a \u5982\u679c\u6ca1\u6709\u9519\u8bef\uff0c\u91cd\u65b0\u52a0\u8f7d Nginx \u4ee5\u5e94\u7528\u65b0\u914d\u7f6e\uff1a 4. \u4f7f\u7528 Certbot \u83b7\u53d6 SSL \u8bc1\u4e66 \u4f7f\u7528 Certbot \u4e3a\u4f60\u7684\u4e8c\u7ea7\u57df\u540d\u83b7\u53d6 SSL \u8bc1\u4e66\u3002\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a Certbot \u5c06\u81ea\u52a8\u66f4\u65b0 Nginx \u914d\u7f6e\u4ee5\u4f7f\u7528 SSL \u8bc1\u4e66\uff0c\u5e76\u4e3a\u4f60\u7684\u4e8c\u7ea7\u57df\u540d\u542f\u7528 HTTPS\u3002 5. \u81ea\u52a8\u7eed\u671f Certbot \u4f1a\u81ea\u52a8\u4e3a\u4f60\u914d\u7f6e\u7eed\u671f\u4efb\u52a1\u3002\u5982\u679c\u9700\u8981\u624b\u52a8\u6d4b\u8bd5\u7eed\u671f\u529f\u80fd\uff0c\u53ef\u4ee5\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a \u8fd9\u6837\u5c31\u5b8c\u6210\u4e86\u4e3a Nginx \u914d\u7f6e\u4e8c\u7ea7\u57df\u540d\u5e76\u4f7f\u7528 Certbot \u83b7\u53d6 SSL \u8bc1\u4e66\u7684\u5168\u90e8\u6b65\u9aa4\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[37],"tags":[21,20],"class_list":["post-553","post","type-post","status-publish","format-standard","hentry","category-devops","tag-nginx","tag-ubuntu"],"_links":{"self":[{"href":"https:\/\/trantor.ink\/index.php?rest_route=\/wp\/v2\/posts\/553","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/trantor.ink\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/trantor.ink\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/trantor.ink\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/trantor.ink\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=553"}],"version-history":[{"count":1,"href":"https:\/\/trantor.ink\/index.php?rest_route=\/wp\/v2\/posts\/553\/revisions"}],"predecessor-version":[{"id":554,"href":"https:\/\/trantor.ink\/index.php?rest_route=\/wp\/v2\/posts\/553\/revisions\/554"}],"wp:attachment":[{"href":"https:\/\/trantor.ink\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=553"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/trantor.ink\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=553"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/trantor.ink\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=553"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}