docker自动续期ssl证书
发表于:2024-08-18浏览:38次TAG: #ssl证书
###### 拉取镜像
```
docker pull certbot/certbot
```
###### 配置NGINX
**🔔**
```
location ~ /.well-known {
allow all;
root /var/www/html/example.com/;
}
```
###### 运行certbot镜像
```
docker run -it --rm --name certbot \
-v "/usr/local/nginx/conf/ssl/:/etc/letsencrypt/" \
-v "/home/wwwroot/wb.ahkyxx.com/:/var/www/html/" \
certbot/certbot certonly -n --no-eff-email --email 287288189@qq.com --agree-tos --webroot -w /var/www/html -d wb.ahkyxx.com
```
###### NGINX配置证书
**🔔**
ssl_certificate /usr/local/nginx/conf/ssl/live/wb.ahkyxx.com/fullchain.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl/live/wb.ahkyxx.com/privkey.pem;
###### 配置自动执行脚本
```
#renew_cert.sh
docker run -it --rm --name certbot \
-v "/usr/local/nginx/conf/ssl/:/etc/letsencrypt/" \
-v "/home/wwwroot/wb.ahkyxx.com/:/var/www/html/" \
certbot/certbot certonly -n --no-eff-email --email 287288189@qq.com --agree-tos --webroot -w /var/www/html -d wb.ahkyxx.com
#-----重启NGINX/reload NGINX-----
service nginx stop
service nginx start
#定时任务配置(每月1号运行一次)
crontab -e
0 0 1 * * /data/renew_cert.sh
```
