https://letsencrypt.osfipin.com/user-0408/order?id=5rp3ek
###### Apache http 关键配置 ######
SSLCertificateFile "path\fullchain.crt"
SSLCertificateKeyFile "path\private.pem"
###### 主要参考配置 ######
# ssl 基本参数
<IfModule ssl_module>
Listen 443
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLCipherSuite AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL
SSLHonorCipherOrder on
SSLProtocol all -SSLv2 -SSLv3
SSLProxyProtocol all -SSLv2 -SSLv3
SSLPassPhraseDialog builtin
</IfModule>
# 虚拟主机配置
<VirtualHost *:443>
# 省略的代码
SSLEngine on
SSLCertificateFile "path\fullchain.crt"
SSLCertificateKeyFile "path\private.pem"
</VirtualHost>
---------------------------------------------------------------------------------
https://cdn01.osfipin.com/static/letsencrypt/nginx.conf
###### Nginx 关键配置 ######
ssl_certificate "path\fullchain.crt"
ssl_certificate_key "path\private.pem"
###### 主要参考配置 ######
server
{
listen 80;
listen 443 ssl http2;
# 省略一堆不可描述的代码
ssl_certificate "path\fullchain.crt"
ssl_certificate_key "path\private.pem"
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
}
---------------------------------------------------------------------------------
https://cdn01.osfipin.com/static/letsencrypt/Tomcat7.xml
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<!--
tomcat 需要修改tomcat/conf下的server.xml文件
支持pfx文件和jks文件
== pfx文件核心配置[Tomcat7及以上]
keystoreFile="/path/certificate.pfx"
keystoreType="PKCS12"
keystorePass="证书密码"
== jks文件核心配置[本站不直接提供]
keystoreFile="/path/certificate.pfx"
keystorePass="证书密码"
通过Tomcat的keytool生成jks文件,参考命令
keytool -importkeystore -srckeystore path/certificate.pfx -destkeystore path/certificate.jks -srcstoretype PKCS12 -deststoretype JKS
-->
<!--
一种配置示例[pfx]
-->
<Connector port="443" protocol="HTTP/1.1" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" keystoreFile="/path/certificate.pfx" keystoreType="PKCS12" keystorePass="证书密码" clientAuth="false" sslProtocol="TLS"/>
---------------------------------------------------------------------------------
宝塔面板:
https://cdn01.osfipin.com/static/letsencrypt/btset.png
文本打开:fullchain.crt内容到密钥(KEY)框中
private.pem内容到证书(PEM格式)中。
---------------------------------------------------------------------------------
申请证书与续期地址
https://letsencrypt.osfipin.com/
打赏
-
支付宝扫一扫
-
微信扫一扫
备案号: