1. 申请好自己的域名 dockerhub.xxx.com,并解析好IP。

2. 安装nginx(默认开通了http) ,修改

server_name  dockerhub.xxxx.com;

启动。

3. 安装 certbot , 我是centos7 ,参考地址:https://certbot.eff.org/#centosrhel7-nginx

4. 生成证书并自动修改nginx 配置, 完成。

[root@instance-1 ~]# certbot --nginx

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator nginx, Installer nginx

Enter email address (used for urgent renewal and security notices) (Enter 'c' to

cancel): youmail@qq.com

Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org

-------------------------------------------------------------------------------

Please read the Terms of Service at

https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must

agree in order to register with the ACME server at

https://acme-v01.api.letsencrypt.org/directory

-------------------------------------------------------------------------------

(A)gree/(C)ancel: A

-------------------------------------------------------------------------------

Would you be willing to share your email address with the Electronic Frontier

Foundation, a founding partner of the Let's Encrypt project and the non-profit

organization that develops Certbot? We'd like to send you email about EFF and

our work to encrypt the web, protect its users and defend digital rights.

-------------------------------------------------------------------------------

(Y)es/(N)o: Y

Starting new HTTPS connection (1): supporters.eff.org

No names were found in your configuration files. Please enter in your domain

name(s) (comma and/or space separated)  (Enter 'c' to cancel):

Please specify --domains, or --installer that will help in domain names autodiscovery, or --cert-name for an existing certificate name.

IMPORTANT NOTES:

 - Your account credentials have been saved in your Certbot

   configuration directory at /etc/letsencrypt. You should make a

   secure backup of this folder now. This configuration directory will

   also contain certificates and private keys obtained by Certbot so

   making regular backups of this folder is ideal.

[root@instance-1 ~]# certbot --nginx

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator nginx, Installer nginx

Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org

Which names would you like to activate HTTPS for?

-------------------------------------------------------------------------------

1: dockerhub.xxxxx.com

-------------------------------------------------------------------------------

Select the appropriate numbers separated by commas and/or spaces, or leave input

blank to select all options shown (Enter 'c' to cancel): 1

Obtaining a new certificate

Performing the following challenges:

tls-sni-01 challenge for dockerhub.xxxxx.com

Waiting for verification...

Cleaning up challenges

Deployed Certificate to VirtualHost /etc/nginx/nginx.conf for set(['dockerhub.hecmcc.com'])

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.

-------------------------------------------------------------------------------

1: No redirect - Make no further changes to the webserver configuration.

2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for

new sites, or if you're confident your site works on HTTPS. You can undo this

change by editing your web server's configuration.

-------------------------------------------------------------------------------

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Redirecting all traffic on port 80 to ssl in /etc/nginx/nginx.conf

-------------------------------------------------------------------------------

Congratulations! You have successfully enabled https://dockerhub.hecmcc.com

You should test your configuration at:

https://www.ssllabs.com/ssltest/analyze.html?d=dockerhub.hecmcc.com

-------------------------------------------------------------------------------

IMPORTANT NOTES:

 - Congratulations! Your certificate and chain have been saved at:

   /etc/letsencrypt/live/dockerhub.xxxxx.com/fullchain.pem

   Your key file has been saved at:

   /etc/letsencrypt/live/dockerhub.xxxxx.com/privkey.pem

   Your cert will expire on 2018-03-08. To obtain a new or tweaked

   version of this certificate in the future, simply run certbot again

   with the "certonly" option. To non-interactively renew *all* of

   your certificates, run "certbot renew"

 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate

   Donating to EFF:                    https://eff.org/donate-le

nginx+letsencrypt搭建https站点的更多相关文章

  1. CentOS 环境下基于 Nginx uwsgi 搭建 Django 站点

    因为我的个人网站 restran.net 已经启用,博客园的内容已经不再更新.请访问我的个人网站获取这篇文章的最新内容,CentOS 环境下基于 Nginx uwsgi 搭建 Django 站点 以下 ...

  2. nginx上搭建https

    nginx上配置https的条件: 1.SSL证书和服务器私钥文件 2.nginx支持SSL模块 一.获取SSL证书 网上有提供权威认证的SSL证书的网站,但多数是收费的,而且不便宜.在正式的生产环境 ...

  3. 用OpenSSL生成自签名证书在IIS上搭建Https站点(用于iOS的https访问)

    前提: 先安装openssl,安装有两种方式,第一种直接下载安装包,装上就可运行:第二种可以自己下载源码,自己编译.这里推荐第一种. 安装包:http://slproweb.com/products/ ...

  4. OpenSSL使用1(用OpenSSL生成自签名证书在IIS上搭建Https站点)(用于iOS的https访问)

    前提: 先安装openssl,安装有两种方式,第一种直接下载安装包,装上就可运行:第二种可以自己下载源码,自己编译.这里推荐第一种. 安装包:http://slproweb.com/products/ ...

  5. 如何申请https证书、搭建https网站

    如何申请https证书.搭建https网站 随着国内搜索引擎巨头百度启用全站https加密服务,全国掀起了网站https加密浪潮.越来越多的站点希望通过部署https证书来解决“第三方”对用户隐私的嗅 ...

  6. nginx代理https站点(亲测)

    nginx代理https站点(亲测) 首先,我相信大家已经搞定了nginx正常代理http站点的方法,下面重点介绍代理https站点的配置方法,以及注意事项,因为目前大部分站点有转换https的需要所 ...

  7. Nginx搭建https服务器

    HTTPS简介 HTTPS(Hypertext Transfer Protocol over Secure Socket Layer),是以安全为目标的HTTP通道,简单来讲就是HTTP的安全版.即H ...

  8. 搭建https+nginx服务器

    搭建https+nginx的服务器,主要是安装ngnix和使用openssl生成自签证书,并在nginx中配置的过程   一.安装环境 1.安装opnssl(ssl支持) https://www.op ...

  9. 利用nginx搭建https服务器

    一.HTTPS简介 HTTPS其实是有两部分组成:HTTP + SSL / TLS,也就是在HTTP上又加了一层处理加密信息的模块.服务端和客户端的信息传输都会通过TLS进行加密,所以传输的数据都是加 ...

随机推荐

  1. 算法工程师<数学题/智力题>

    <数学题/智力题> 1.如果一个女生说,她集齐了十二个星座的前男友,我们应该如何估计她前男友的数量? https://blog.csdn.net/FnqTyr45/article/deta ...

  2. 初探 Liunx 的命令模式(一)

    1.从 X window 切换到  纯命令模式 Ctrl+Alt+[F2-F6].切换回来 Ctrl+Alt+[F2-F6]. 2. 1)CentOS Linux 7 (Core)代表 Linux d ...

  3. 3. ORACLE DATAGUARD 进程

    欢迎指正与讨论. 3.1 主库 LNS LNS:一般理解为log network serviceLNS 进程负责将主库redo传输到备库.在11gR1及之前版本进程命名为LNSn,其负责ASYNC和S ...

  4. 模拟实现库函数的atoi、atof和itoa

    1.函数atoi atoi (表示 alphanumeric to integer)是把字符串转换成整型数的一个函数.广泛的应用在计算机程序和办公软件中.atoi( ) 函数会扫描参数 nptr字符串 ...

  5. linux 服务器常用命令整理

    linux 服务器常用命令整理 目录 网络分析 - tcpdump \ telnet \ (netstat \ ss \ lsof) \ nload 网络传输 - scp \ rsync \ (rz ...

  6. windows安装node和yarn

    Ubuntu子系统安装和删除yarn 在 Debian 或 Ubuntu 上,需要用 Debian 包仓库来安装 Yarn. 首先需要配置仓库: curl -sS https://dl.yarnpkg ...

  7. MYSQL根据节点向上和向下查询所有节点

    WITH cte AS ( SELECT * ,UnitID AS level FROM UnitTable WHERE UnitID=2 UNION ALL SELECT g.*,level+1 F ...

  8. 通过iis访问电脑文件

    新公司没有开发环境,移动端项目,需要自己在手机上先进行查看效果,提供了一个方法iis,之前有听过,但是一直没有用过,今天来记录一下这个配置过程: 环境:win10 1.安装iis 控制面板——程序—— ...

  9. 业务线接入前端异常监控sentry

    1.前端异常处理的框架对比   是否开源 收费 语言 监控范围 sentry 是 自己搭建服务器(免费)价格 英文 Angular.AngularJs.Backbone.Ember.JavaScrip ...

  10. Use try-with-resources

    public void doQueries() throws MyException{ // First try-with-resources. try ( Connection con = Driv ...