Certbot官网:https://certbot.eff.org
1. 安装certbot命令
|
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto |
2. 停止目标域名对应的apache服务
|
docker stop apache |
3. 生成证书
|
sudo ./certbot-auto --standalone certonly -m jianboliu1@galaxyinternet.com -d api.gwdatabank.com |
查看
复制证书到apache的配置目录中
4. 配置apache
Httpd.conf文件
|
LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-ssl.conf LoadModule socache_shmcb_module modules/mod_socache_shmcb.so |
extra/httpd-vhosts.conf文件
|
Listen 8002 <VirtualHost *:8002> ServerName api.gwdatabank.com ServerAdmin webmaster@dummy-host.example.com DocumentRoot "/home/work/local/apache2/htdocs/databank-api-rcv/public/" SetEnv APPLICATION_ENV "production" RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)?$ https://api.gwdatabank.com/$1 [L,R] ErrorLog "logs/api-web-error_log" CustomLog "logs/api-web-access_log" combined <Directory "/home/work/local/apache2/htdocs/databank-api-rcv/public/"> Options FollowSymLinks AllowOverride All Require all granted </Directory> </VirtualHost> |
extra/httpd-ssl.conf文件
|
Listen 8443 DocumentRoot "/home/work/local/apache2/htdocs/databank-api-rcv/public" ServerName api.gwdatabank.com:8443 SSLCertificateFile "/home/work/local/apache2/conf/api.gwdatabank.com/fullchain1.pem" SSLCertificateKeyFile "/home/work/local/apache2/conf/api.gwdatabank.com/privkey1.pem" |
5. 启动apache验证
|
映射80->8002 ,443->8443 Docker start-docker-api.sh |
