1. 申请好自己的域名 dockerhub.xxx.com,并解析好IP。

2. 安装nginx(默认开通了http) ,修改

server_name  dockerhub.xxxx.com;

启动。

3. 安装 certbot , 我是centos7 ,参考地址:https://certbot.eff.org/#centosrhel7-nginx

4. 生成证书并自动修改nginx 配置, 完成。

[root@instance-1 ~]# certbot --nginx

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator nginx, Installer nginx

Enter email address (used for urgent renewal and security notices) (Enter 'c' to

cancel): youmail@qq.com

Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org

-------------------------------------------------------------------------------

Please read the Terms of Service at

https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must

agree in order to register with the ACME server at

https://acme-v01.api.letsencrypt.org/directory

-------------------------------------------------------------------------------

(A)gree/(C)ancel: A

-------------------------------------------------------------------------------

Would you be willing to share your email address with the Electronic Frontier

Foundation, a founding partner of the Let's Encrypt project and the non-profit

organization that develops Certbot? We'd like to send you email about EFF and

our work to encrypt the web, protect its users and defend digital rights.

-------------------------------------------------------------------------------

(Y)es/(N)o: Y

Starting new HTTPS connection (1): supporters.eff.org

No names were found in your configuration files. Please enter in your domain

name(s) (comma and/or space separated)  (Enter 'c' to cancel):

Please specify --domains, or --installer that will help in domain names autodiscovery, or --cert-name for an existing certificate name.

IMPORTANT NOTES:

 - Your account credentials have been saved in your Certbot

   configuration directory at /etc/letsencrypt. You should make a

   secure backup of this folder now. This configuration directory will

   also contain certificates and private keys obtained by Certbot so

   making regular backups of this folder is ideal.

[root@instance-1 ~]# certbot --nginx

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator nginx, Installer nginx

Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org

Which names would you like to activate HTTPS for?

-------------------------------------------------------------------------------

1: dockerhub.xxxxx.com

-------------------------------------------------------------------------------

Select the appropriate numbers separated by commas and/or spaces, or leave input

blank to select all options shown (Enter 'c' to cancel): 1

Obtaining a new certificate

Performing the following challenges:

tls-sni-01 challenge for dockerhub.xxxxx.com

Waiting for verification...

Cleaning up challenges

Deployed Certificate to VirtualHost /etc/nginx/nginx.conf for set(['dockerhub.hecmcc.com'])

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.

-------------------------------------------------------------------------------

1: No redirect - Make no further changes to the webserver configuration.

2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for

new sites, or if you're confident your site works on HTTPS. You can undo this

change by editing your web server's configuration.

-------------------------------------------------------------------------------

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Redirecting all traffic on port 80 to ssl in /etc/nginx/nginx.conf

-------------------------------------------------------------------------------

Congratulations! You have successfully enabled https://dockerhub.hecmcc.com

You should test your configuration at:

https://www.ssllabs.com/ssltest/analyze.html?d=dockerhub.hecmcc.com

-------------------------------------------------------------------------------

IMPORTANT NOTES:

 - Congratulations! Your certificate and chain have been saved at:

   /etc/letsencrypt/live/dockerhub.xxxxx.com/fullchain.pem

   Your key file has been saved at:

   /etc/letsencrypt/live/dockerhub.xxxxx.com/privkey.pem

   Your cert will expire on 2018-03-08. To obtain a new or tweaked

   version of this certificate in the future, simply run certbot again

   with the "certonly" option. To non-interactively renew *all* of

   your certificates, run "certbot renew"

 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate

   Donating to EFF:                    https://eff.org/donate-le

nginx+letsencrypt搭建https站点的更多相关文章

  1. CentOS 环境下基于 Nginx uwsgi 搭建 Django 站点

    因为我的个人网站 restran.net 已经启用,博客园的内容已经不再更新.请访问我的个人网站获取这篇文章的最新内容,CentOS 环境下基于 Nginx uwsgi 搭建 Django 站点 以下 ...

  2. nginx上搭建https

    nginx上配置https的条件: 1.SSL证书和服务器私钥文件 2.nginx支持SSL模块 一.获取SSL证书 网上有提供权威认证的SSL证书的网站,但多数是收费的,而且不便宜.在正式的生产环境 ...

  3. 用OpenSSL生成自签名证书在IIS上搭建Https站点(用于iOS的https访问)

    前提: 先安装openssl,安装有两种方式,第一种直接下载安装包,装上就可运行:第二种可以自己下载源码,自己编译.这里推荐第一种. 安装包:http://slproweb.com/products/ ...

  4. OpenSSL使用1(用OpenSSL生成自签名证书在IIS上搭建Https站点)(用于iOS的https访问)

    前提: 先安装openssl,安装有两种方式,第一种直接下载安装包,装上就可运行:第二种可以自己下载源码,自己编译.这里推荐第一种. 安装包:http://slproweb.com/products/ ...

  5. 如何申请https证书、搭建https网站

    如何申请https证书.搭建https网站 随着国内搜索引擎巨头百度启用全站https加密服务,全国掀起了网站https加密浪潮.越来越多的站点希望通过部署https证书来解决“第三方”对用户隐私的嗅 ...

  6. nginx代理https站点(亲测)

    nginx代理https站点(亲测) 首先,我相信大家已经搞定了nginx正常代理http站点的方法,下面重点介绍代理https站点的配置方法,以及注意事项,因为目前大部分站点有转换https的需要所 ...

  7. Nginx搭建https服务器

    HTTPS简介 HTTPS(Hypertext Transfer Protocol over Secure Socket Layer),是以安全为目标的HTTP通道,简单来讲就是HTTP的安全版.即H ...

  8. 搭建https+nginx服务器

    搭建https+nginx的服务器,主要是安装ngnix和使用openssl生成自签证书,并在nginx中配置的过程   一.安装环境 1.安装opnssl(ssl支持) https://www.op ...

  9. 利用nginx搭建https服务器

    一.HTTPS简介 HTTPS其实是有两部分组成:HTTP + SSL / TLS,也就是在HTTP上又加了一层处理加密信息的模块.服务端和客户端的信息传输都会通过TLS进行加密,所以传输的数据都是加 ...

随机推荐

  1. 解决vuecli3.0构建的vue2.0项目在IE9可能出现的兼容性问题

    1,unit8Array等未定义问题 解决办法 <1>npm install @babel/polyfill <2>分别在main.js和vuex的主文件 import '@b ...

  2. vertx模块HAManager高可用

    HAManager public HAManager(VertxInternal vertx, DeploymentManager deploymentManager, ClusterManager ...

  3. 总结UIViewController的view在有navBar和tabBar影响下布局区域的问题

    影响 View 布局区域的有以下三个属性: self.edgesForExtendedLayout (影响View布局区域的主要属性) self.navigationController.naviga ...

  4. J2EE_Maven_POM文件配置的详解(转)

    <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/20 ...

  5. vue 结合 FileReader() 实现上传图片预览功能

    项目中 身份证上传需求: <div class="ID_pic_wrap"> <ul> <li> <img src="../.. ...

  6. The type javax.servlet.http.HttpServletResponse cannot be resolved. It is indirectly referenced from required .class files

    The type javax.servlet.http.HttpServletResponse cannot be resolved. It is indirectly referenced from ...

  7. C#学习-类型转换

    类型转换的方式主要有以下几种: 隐式类型转换,由低级别类型向高级类型的转换过程.例如派生类可以隐式地转换为它的父类,装箱过程就属于这种隐式类型转换. 显式类型转换,也叫强制类型转换, 通过is和as运 ...

  8. C#学习-显式接口

    显式的接口实现解决了命名冲突问题. 在使用显式的接口实现方式时,需要注意以下几个问题. 若显式实现接口,方法不能使用任何访问修饰符,显式实现的成员都默认为私有: 现式实现的成员默认是私有的,所以这些成 ...

  9. Bean拷贝

    相当于C#的AutoMapper public class CloneUtils { /** * 拷贝对象 * @param source * @param classType * @return * ...

  10. Finally! I do understand "flex-basis"

    Long, long, long ago,CSS3就支持了flex布局,现在各家浏览器都支持标准的语法了,这里推荐一篇比较全面的图文化教程A Complete Guide to Flexbox. 关于 ...