首页 小组 文章 搜索 用户

Lighttpd创建https网站

2020-05-25 08:41:39
0
280

先安装教程装好lighttpd,https://www.osyum.com/group/topic/453/

创建一个新的网站并绑好域名:https://www.osyum.com/group/topic/514/

网站域名为os.osyum.com,配置如下,根据自己的来修改

$HTTP["host"] == "os.osyum.com" { 
server.name = "os.osyum.com"
server.document-root = "/home/www/vhosts/os.osyum.com/htdocs" 
server.errorlog = "/home/www/vhosts/os.osyum.com/error.log" 
accesslog.filename = "/home/www/vhosts/os.osyum.com/access.log" 
}

创建网站ssl目录

mkdir -p /home/www/vhosts/os.osyum.com/ssl/
chown -R lighttpd:lighttpd /home/www/

申请Let's encrypt免费证书:https://www.osyum.com/group/topic/509/

证书合并后把lets-encrypt-x3-cross-signed.pem和os.osyum.pem复制到网站的ssl目录

cat os.osyum.com.key os.crt  > os.osyum.pem
cp lets-encrypt-x3-cross-signed.pem /home/www/vhosts/os.yum.com/ssl
mv os.osyum.pem /home/www/vhosts/os.osyum.com/ssl

打开443端口

firewall-cmd --add-port=443/tcp --permanent
firewall-cmd --reload

创建新的443端口文件

vi /usr/local/lighttpd/config/vhosts.d/443os.yum.conf

复制以下代码并保存

$SERVER["socket"] == "os.osyum.com:443" {
      ssl.engine                  = "enable"
      ssl.pemfile                 = "/home/www/vhosts/os.osyum.com/ssl/os.yuncp.pem"
      ssl.ca-file 		  = "/home/www/vhosts/os.osyum.com/ssl/lets-encrypt-x3-cross-signed.pem"
      server.document-root        = "/home/www/vhosts/os.osyum.com/htdocs"
    }

重启Lighttpd

systemctl restart lighttpd

测试

https://os.osyum.com

还可以做个计划任务,让其每个月自动申请证书。


评论