2020-01-30

wiki 添加 https 支持

1. 安装 acme.sh

1 2	curl https://get.acme.sh \| sh source ~/.bashrc

DNSPod.cn Option:

The DNSPod.cn Domain API option requires that you first login to your account to get a DNSPod API Key and ID.

1 2	export DP_Id="1234" export DP_Key="sADDsdasdgdsf"

Ok, let's issue a cert now:

1
2
3

sudo chmod -R 775 /etc/letsencrypt
sudo chmod -R 777 /var/www/html/
acme.sh --issue --dns dns_dp -d 1001.iosdevlog.com -w /var/www/html

The DP_Id and DP_Key will be saved in ~/.acme.sh/account.conf and will be reused when needed.

2. 生成证书

1 2	mkdir -p /etc/apache2/ssl/ sudo chmod 777 -R /etc/apache2/ssl/

/etc/apache2/sites-available/1001.conf

1 2	SSLCertificateFile /etc/apache2/ssl/cert.pem SSLCertificateKeyFile /etc/apache2/ssl/key.pem

acme.sh --installcert -d 1001.iosdevlog.com \
--cert-file /etc/apache2/ssl/cert.pem \
--key-file /etc/apache2/ssl/key.pem \
--reloadcmd "service apache2 force-reload"

https

非常关键的一步

# sudo apt install openssl
# 加载 Apache 的 SSL 模块
sudo a2enmod ssl
service apache2 restart

访问：https://1001.iosdevlog.com/mediawiki/

测试 https

https://www.ssllabs.com/ssltest

https://console.dnspod.cn/account/token

参考：https://certbot.eff.org/lets-encrypt/ubuntuxenial-apache

Game 2020

https://2020.iosdevlog.com