linux yum 安装certbot

Install snapd

Adding EPEL to CentOS 7

 yum install epel-release  --skip-broken

With the EPEL repository added to your CentOS installation, simply install the snapd package:

sudo yum install snapd  

Once installed, the systemd unit that manages the main snap communication socket needs to be enabled:

sudo systemctl enable --now snapd.socket

To enable classic snap support, enter the following to create a symbolic link between /var/lib/snapd/snap and /snap:

sudo ln -s /var/lib/snapd/snap /snap

Either log out and back in again or restart your system to ensure snap’s paths are updated correctly.

Snap is now installed and ready to go!

Remove certbot-auto and any Certbot OS packages

If you have any Certbot packages installed using an OS package manager like apt, dnf, or yum, you should remove them before installing the Certbot snap to ensure that when you run the command certbot the snap is used rather than the installation from your OS package manager. The exact command to do this depends on your OS, but common examples are sudo apt-get remove certbot, sudo dnf remove certbot, or

sudo yum remove certbot.

Install Certbot

Run this command on the command line on the machine to install Certbot.

sudo snap install --classic certbot

Prepare the Certbot command

Execute the following instruction on the command line on the machine to ensure that the certbot command can be run.

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Choose how you'd like to run Certbot


Either get and install your certificates…
Run this command to get a certificate and have Certbot edit your nginx configuration automatically to serve it, turning on HTTPS access in a single step.

sudo certbot --nginx


Or, just get a certificate
If you're feeling more conservative and would like to make the changes to your nginx configuration by hand, run this command.

sudo certbot certonly --nginx

Test automatic renewal



The Certbot packages on your system come with a cron job or systemd timer that will renew your certificates automatically before they expire. You will not need to run Certbot again, unless you change your configuration. You can test automatic renewal for your certificates by running this command:

sudo certbot renew --dry-run


The command to renew certbot is installed in one of the following locations:

/etc/crontab/
/etc/cron./
systemctl list-timers

0 0 投票数
Article Rating
订阅评论
提醒
guest
0 评论
内联反馈
查看所有评论
0
希望看到您的想法,请您发表评论x