demokn / certbot-dns-auth
There is no license information available for the latest version (2.0.0) of this package.
Certbot DNS Auth
2.0.0
2024-08-17 09:27 UTC
Requires
- php: >=8.1
- alibabacloud/sdk: ^1.8
- symfony/console: ^6|^7
Requires (Dev)
- symfony/var-dumper: ^6|^7
This package is auto-updated.
Last update: 2024-10-18 04:15:35 UTC
README
使用
- 克隆仓库到执行
Certbot
的机器上
git clone https://github.com/demokn/certbot-dns-auth
cd certbot-dns-auth
- 使用
composer
安装依赖
composer install --no-dev
- 复制并修改脚本文件
cp scripts/alidns/authenticator.sh-example scripts/alidns/authenticator.sh
cp scripts/alidns/cleanup.sh-example scripts/alidns/cleanup.sh
# 编辑文件, 填写自己阿里云的 AccessKeyID 和 AccessKeySecret
- 使用
certbot
生成或更新证书
# 生成证书 certbot certonly --manual --preferred-challenges=dns --manual-auth-hook /PATH/PROJECT_ROOT/scripts/alidns/authenticator.sh --manual-cleanup-hook /PATH/PROJECT_ROOT/scripts/alidns/cleanup.sh -d *.example.com -m YOUR_EMAIL_ADDRESS --dry-run # 更新证书 # 更新证书时会自动读取 `/etc/letsencrypt/renewal/example.com.conf` 配置文件, 故生成证书时的配置参数这里就不需要再次手动设定了 certbot renew --cert-name example.com --dry-run
- 配置
nginx
ssl on;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
Troubleshooting
1. CentOS 7 安装 certbot 运行时报错 ImportError: No module named 'requests.packages.urllib3'
pip uninstall requests pip uninstall urllib3 yum remove python-urllib3 yum remove python-requests yum install python-urllib3 yum install python-requests yum install certbot