1. 申请好自己的域名 dockerhub.xxx.com,并解析好IP。

2. 安装nginx(默认开通了http) ,修改

server_name  dockerhub.xxxx.com;

启动。

3. 安装 certbot , 我是centos7 ,参考地址:https://certbot.eff.org/#centosrhel7-nginx

4. 生成证书并自动修改nginx 配置, 完成。

[root@instance-1 ~]# certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): youmail@qq.com
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org -------------------------------------------------------------------------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: A -------------------------------------------------------------------------------
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: Y
Starting new HTTPS connection (1): supporters.eff.org
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel):
Please specify --domains, or --installer that will help in domain names autodiscovery, or --cert-name for an existing certificate name. IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
[root@instance-1 ~]# certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
1: dockerhub.xxxxx.com
-------------------------------------------------------------------------------
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for dockerhub.xxxxx.com
Waiting for verification...
Cleaning up challenges
Deployed Certificate to VirtualHost /etc/nginx/nginx.conf for set(['dockerhub.hecmcc.com']) Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
-------------------------------------------------------------------------------
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting all traffic on port 80 to ssl in /etc/nginx/nginx.conf -------------------------------------------------------------------------------
Congratulations! You have successfully enabled https://dockerhub.hecmcc.com You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=dockerhub.hecmcc.com
------------------------------------------------------------------------------- IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/dockerhub.xxxxx.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/dockerhub.xxxxx.com/privkey.pem
Your cert will expire on 2018-03-08. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

nginx+letsencrypt搭建https站点的更多相关文章

  1. CentOS 环境下基于 Nginx uwsgi 搭建 Django 站点

    因为我的个人网站 restran.net 已经启用,博客园的内容已经不再更新.请访问我的个人网站获取这篇文章的最新内容,CentOS 环境下基于 Nginx uwsgi 搭建 Django 站点 以下 ...

  2. nginx上搭建https

    nginx上配置https的条件: 1.SSL证书和服务器私钥文件 2.nginx支持SSL模块 一.获取SSL证书 网上有提供权威认证的SSL证书的网站,但多数是收费的,而且不便宜.在正式的生产环境 ...

  3. 用OpenSSL生成自签名证书在IIS上搭建Https站点(用于iOS的https访问)

    前提: 先安装openssl,安装有两种方式,第一种直接下载安装包,装上就可运行:第二种可以自己下载源码,自己编译.这里推荐第一种. 安装包:http://slproweb.com/products/ ...

  4. OpenSSL使用1(用OpenSSL生成自签名证书在IIS上搭建Https站点)(用于iOS的https访问)

    前提: 先安装openssl,安装有两种方式,第一种直接下载安装包,装上就可运行:第二种可以自己下载源码,自己编译.这里推荐第一种. 安装包:http://slproweb.com/products/ ...

  5. 如何申请https证书、搭建https网站

    如何申请https证书.搭建https网站 随着国内搜索引擎巨头百度启用全站https加密服务,全国掀起了网站https加密浪潮.越来越多的站点希望通过部署https证书来解决“第三方”对用户隐私的嗅 ...

  6. nginx代理https站点(亲测)

    nginx代理https站点(亲测) 首先,我相信大家已经搞定了nginx正常代理http站点的方法,下面重点介绍代理https站点的配置方法,以及注意事项,因为目前大部分站点有转换https的需要所 ...

  7. Nginx搭建https服务器

    HTTPS简介 HTTPS(Hypertext Transfer Protocol over Secure Socket Layer),是以安全为目标的HTTP通道,简单来讲就是HTTP的安全版.即H ...

  8. 搭建https+nginx服务器

    搭建https+nginx的服务器,主要是安装ngnix和使用openssl生成自签证书,并在nginx中配置的过程   一.安装环境 1.安装opnssl(ssl支持) https://www.op ...

  9. 利用nginx搭建https服务器

    一.HTTPS简介 HTTPS其实是有两部分组成:HTTP + SSL / TLS,也就是在HTTP上又加了一层处理加密信息的模块.服务端和客户端的信息传输都会通过TLS进行加密,所以传输的数据都是加 ...

随机推荐

  1. Rest分页接口开发

    简单描述:需求说后端写一个XX数据的分页接口,给前端口调用,其实有一个PageHelper的工具类可以直接使用但是老大不让用,得用sql写,.小Kiss啦.直接上代码 代码: //Controller ...

  2. 总结web自动化测试页面常用字段的定位方法

    在一次编写web自动脚本时,突然想到web页面常有的字段有:输入框,按钮,富文本输入框,下拉框选项,弹窗,表格,上传文件以及时间插件,以下总结的没有编写时间插件的用例了!以后碰到再更新, 以下是蹩脚代 ...

  3. js中valueOf方法的使用

    今天一位刚毕业的同事问了我一个问题,为什么这段代码执行结果是-1.代码如下: var o = { valueOf: function(){ return -1; } }; o = +o; 当时我也是懵 ...

  4. A页面跳转到B页面后打开指定tabs标签

    A页面: <!DOCTYPE html><html lang="en" class="no-js">    <head>   ...

  5. 用Java开发一个工具类,提供似于js中eval函数功能的eval方法

    今天在看到<Java疯狂讲义>中一个章节习题: 开发一个工具类,该工具类提供一个eval()方法,实现JavaScript中eval()函数的功能--可以动态运行一行或多行程序代码.例如: ...

  6. java 模拟浏览器爬虫

  7. redis与memacache的区别(转)

    redis和memecache的不同在于:1.存储方式:memecache 把数据全部存在内存之中,断电后会挂掉,数据不能超过内存大小redis有部份存在硬盘上,这样能保证数据的持久性.2.数据支持类 ...

  8. functools.wraps函数

    原文地址:https://www.cnblogs.com/fcyworld/p/6239951.html 第一次见到functools.wraps是在 Flask Web开发 中,一直不明白怎么回事. ...

  9. 土制Excel导入导出及相关问题探讨

    转载请注明出处https://www.cnblogs.com/funnyzpc/p/10392085.html 新的一年,又一个开始,不见收获,却见年龄,好一个猪年,待我先来一首里尔克的诗: < ...

  10. BZOJ.2054.疯狂的馒头(并查集)

    BZOJ 倒序处理,就是并查集傻题了.. 并查集就是确定下一个未染色位置的,直接跳到那个位置染.然而我越想越麻烦=-= 以为有线性的做法,发现还是要并查集.. 数据随机线段树也能过去. //18400 ...