docker - 我从我的域注册表中获得了一个免费的 ssl 证书并将其安装在 nginx 上。续订如何运作?
问题描述
我从我的域名注册机构porkbun 那里获得了一个免费的ssl 证书。然后我按照这个网站上关于如何在 nginx 上安装这些证书的步骤进行操作:https ://wbxpress.net/install-porkbun-ssl-nginx-wordpress/
它有以下文件:
domain.cert.pem
intermediate.cert.pem
private.key.pem
public.key.pem
它可以工作,但是这里的续订过程是什么,我是否需要再次从porkbun下载证书,然后在这些证书过期后将其上传到我的服务器。
我最好自己获取证书,然后使用 certbot 自动更新它?我以前做过,但我只是按照本文中的步骤(https://medium.com/@pentacent/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71)所以我真的不知道续订是如何工作的。
这里最简单的方法是什么?:D
解决方案
If you are only using Porkbun, then yes, you will need to download the certificates and upload when they expire. It seems to only automatically install if you're hosting with them, according to the docs.
Every Porkbun account comes with a free Let's Encrypt SSL certificate that will renew automatically if you're using Porkbun as your DNS provider. Better yet, if you're using Porkbun's hosting package or site builder, you don't have to do anything at all to add SSL security: the sites will install automatically.
The tutorial you linked automatically does these steps for you directly with Let's Encrypt. You could alter the service that handles renewal to obtain the cert from Porkbun instead.
The easiest solution is probably the way you already know, unless you'd like to host your site on Porkbun as well.
推荐阅读
- ruby - Ruby Treetop 如何包含与语法不匹配的所有内容
- java - 在 Maven 项目 (Eclipse) 中更改 JDK
- amazon-web-services - 用于在 AWS EB 容器服务上部署的 Gitlab Registry 凭证
- ibm-watson - 可供下载的字典的位置
- .net - TPL 数据流与普通信号量
- ios - UIEdgeInsetsInsetRect' 已被实例方法 'CGRect.inset(by:)
- python - 在 docker 容器之间共享 gensim 的 KeyedVectors 对象的内存
- python - 随着时间的推移,策略梯度算法变得更糟
- wifi - 这是 802.11 数据中的哪一帧?
- docker - Gitlab CI - 使用共享运行器构建 Docker 映像(无法连接到 Docker 守护程序)