下载脚本

wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.conf
wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh
chmod +x letsencrypt.sh

修改letsencrypt.conf

# 修改 DOMAIN_KEY
# 修改 DOMAIN_DIR
# 修改 DOMAINS

修改nginx配置

   server{
      listen 80;
      server_name blog.ziki.cn;
      #rewrite ^(.*)$ https://${server_name}$1 permanent;
      location / {
         index index.html index.php;
         root /data/www/blog.ziki.cn/html;
         #dd_header Content-Type text/html;
         #return 200 $request_uri;
         if ($request_uri ~* .*.well-known.*){
            break;
         }
         if ($request_uri !~* .*.well-known.*){
            rewrite ^(.*)$ https://${server_name}$1 permanent;
         }
      }
   }

申请证书

./letsencrypt.sh letsencrypt.conf
systemctl restart nginx

ref

• https://jicki.cn/certbot/
• https://hub.docker.com/r/neilpang/acme.sh
• https://github.com/acmesh-official/acme.sh
• https://hub.docker.com/r/certbot/certbot
• https://github.com/go-acme/lego/