Python2.6.6升级2.7.3兼Let's Encrypt免费SSL证书申请教程

此前写过centos_6.7_64Bits + Python2.6.6默认环境申请部署Let's Encrypt免费SSL证书的教程,由于Let's Encrypt官方要求系统需要支持Python2.7以上版本并可能在将来停止对2.6版本的支持,所以在另外一台主机上测试了Python2.6.6升级2.7.3后的SSL证书申请过程,发现存在部分问题,遂记录之。

相关阅读:
Let's Encrypt免费SSL证书申请过程与Nginx部署教程
Centos6.7 从 python2.6.6 升级到 2.7.3

Let's Encrypt.jpg

一、升级python版本

python -V
wget http://python.org/ftp/python/2.7.3/Python-2.7.3.tar.bz2
tar -jxvf Python-2.7.3.tar.bz2
cd Python-2.7.3
./configure
make all
make install
make clean
make distclean
/usr/local/bin/python2.7 -V
mv /usr/bin/python /usr/bin/python2.6.6
ln -s /usr/local/bin/python2.7 /usr/bin/python
/usr/bin/python2.6.6 -V
python -V

二、解决yum不兼容Python 2.7 的问题

vi /usr/bin/yum
将文件头部第一行:
!/usr/bin/python
修改成:
!/usr/bin/python2.6.6

三、安装Python三大工具:setup-tools、pip及virtualenv:

yum install -y setuptool
yum install -y python-pip
yum install -y virtualenv

若上述指令无法成功安装,可考虑以下方法:

wget http://peak.telecommunity.com/dist/ez_setup.py
python ez_setup.py
wget https://bootstrap.pypa.io/get-pip.py
python2.7 get-pip.py
ln -s /usr/local/bin/pip2.7 /usr/bin/pip
pip install virtualenv
pip install virtualenvwrapper

四:测试是否安装成功

pip list

五、获取并部署Let's Encrypt免费SSL证书

git clone https://github.com/letsencrypt/letsencrypt
./letsencrypt/letsencrypt-auto certonly --standalone --email [email protected] -d zhujidaba.com -d www.zhujidaba.com

成功获取后,修改网站配置文件,在server段部署SSL:

server
{
listen 80;
#listen [::]:80;
listen 443 ssl;
ssl on;
        ssl_certificate     /etc/letsencrypt/live/zhujidaba.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/zhujidaba.com/privkey.pem;
server_name zhujidaba.com www.zhujidaba.com;

强制使用https,将 http 通过301重定向到 https :

if ($scheme = http ) {
return 301 https://www.zhujidaba.com$request_uri;
}

六、解决Let's Encrypt免费SSL证书的有效期问题

Let's Encrypt证书是有效期90天的,需要手工更新续期。

./letsencrypt/certbot-auto renew --force-renew

通过Crontab定时任务可以设置每隔两个月自动更新一次:

crontab -e
30 5 18 1,3,5,7,9,11 * lnmp stop && ./letsencrypt/certbot-auto renew --force-renew && lnmp start

1、3、5、7、9、11月的18日凌晨5:30分自动运行任务,具体日期、时间可以根据获取时间自行调整。

猜您喜欢

发表评论

icon_mrgreen.gificon_neutral.gificon_twisted.gificon_arrow.gificon_eek.gificon_smile.gificon_confused.gificon_cool.gificon_evil.gificon_biggrin.gificon_idea.gificon_redface.gificon_razz.gificon_rolleyes.gificon_wink.gificon_cry.gificon_surprised.gificon_lol.gificon_mad.gificon_sad.gificon_exclaim.gificon_question.gif