Get Free SSL Certificates
Types of certificates
DVDomain Validated certificatesOVOrganization Validated certificateEVExtended Validation certificates
Free ssl authorities
Guide
This is a guide to get a DV certificate by Let’s Encrypt using Certbot
Install Certbot
$ wget https://dl.eff.org/certbot-auto
$ chmod +x certbot-auto
$ mv certbot-auto /usr/local/bin/
Usage:
certonly: A Certbot plugin
-d DOMAIN: The domain you want to obtain a certificate for
—preferred-challenges: The way to verify your domain
—server: ACME v1 or v2 protocol server
Apply for ssl certificate
$ certbot-auto certonly -d "domain.com" --manual --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
Follow the hits and add a TXT dns record. Then you will get your certificates at /etc/letsencrypt/live/yourdomain/
Enable HTTPS
Here is my nginx config file
user root;
worker_processes 2;
error_log /var/log/nginx/error.log;
pid /root/app/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 443 http2 ssl;
server_name vincent0700.com;
ssl_certificate /root/app/cert/vincent0700.com/fullchain.pem;
ssl_certificate_key /root/app/cert/vincent0700.com/privkey.pem;
ssl_trusted_certificate /root/app/cert/vincent0700.com/chain.pem;
root /root/app/blogger;
location / {
root /root/app/blogger;
index index.html index.htm;
autoindex on;
autoindex_exact_size on;
autoindex_localtime on;
}
}
server {
listen 80;
server_name vincent0700.com;
return 301 https://vincent0700.com;
}
}
Reference
[1] Types of SSL certificates – choose the right one
[2] Let’s Encrypt 免费通配符 SSL 证书申请流程