1 申请密钥
sudo certbot certonly -d "域名" -d "*.域名" --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory
范例
sudo certbot certonly -d "texttool.fun" -d "*.texttool.fun" --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory
注意这里需要配置解析的txt,以阿里云为例
2 生成key
sudo openssl pkcs12 -export -in "/etc/letsencrypt/live/域名/cert.pem" -inkey "/etc/letsencrypt/live/域名/privkey.pem" -out "/etc/letsencrypt/live/域名/key.p12"
范例,注意记住这里的密码
sudo openssl pkcs12 -export -in "/etc/letsencrypt/live/texttool.fun/cert.pem" -inkey "/etc/letsencrypt/live/texttool.fun/privkey.pem" -out "/etc/letsencrypt/live/texttool.fun/key.p12"
3 配置spring boot
注意端口
server:
port: 443
ssl:
key-store: file:/etc/letsencrypt/live/texttool.fun/key.p12
key-store-password: 123456
key-store-type: PKCS12
4 配置nginx
server {
listen 80;
server_name texttool.fun;
rewrite ^(.*)$ https://${
server_name}$1 permanent;
}
5 其他
安装nginx
yum install -y nginx
sudo systemctl start nginx
sudo systemctl enable nginx
启动项目
nohup java -Xms512m -Xmx512m -jar site.jar >/dev/null 2>&1 &
