https, letsencrypt.org 와 nginx

Posted on 2018-10-18(목) in Web Server

인증서 갱신 (renew, certonly)

crontab

% sudo crontab -l
# 2월, 4월, 6월, 8월, 10월, 12월 매 6일 새벽 4시 17분에 let's encript 갱신
17 4 6 2,4,6,8,10,12 * /opt/local/sbin/letsencrypt_renew.sh

/opt/local/sbin/letsencrypt_renew.sh

% cat /opt/local/sbin/letsencrypt_renew.sh
#!/bin/sh

# NginX Stop
service nginx stop  # or whatever your webserver is

# LetsEncrypt Update
/opt/local/letsencrypt/letsencrypt-auto certonly -w /var/www/html -d oh.mypi.co --force-renewal --no-self-upgrade --standalone
LE_STATUS=$?

# NginX Start
service nginx start # or whatever your webserver is
if [ "$LE_STATUS" != 0 ]; then
    echo Automated renewal failed:
    cat /var/log/letsencrypt/renew.log
    exit 1
fi

nginx 에 let’s encrypt 설치

$ sudo -H ./letsencrypt-auto --nginx

nginx openssl https howto manual tutorial linux ubuntu