{"id":144,"date":"2021-04-04T15:38:46","date_gmt":"2021-04-04T07:38:46","guid":{"rendered":"https:\/\/blog.yuncun.me\/?p=144"},"modified":"2021-04-04T15:38:46","modified_gmt":"2021-04-04T07:38:46","slug":"%e7%94%b3%e8%af%b7lets-encrypt%e6%b3%9b%e5%9f%9f%e5%90%8d%e8%af%81%e4%b9%a6%e5%b9%b6%e8%87%aa%e5%8a%a8%e6%9b%b4%e6%96%b0%ef%bc%88cloudflare-dns%e9%aa%8c%e8%af%81%ef%bc%8ccertbot%ef%bc%89","status":"publish","type":"post","link":"https:\/\/www.biubiu.run\/?p=144","title":{"rendered":"\u7533\u8bf7Let’s Encrypt\u6cdb\u57df\u540d\u8bc1\u4e66\u5e76\u81ea\u52a8\u66f4\u65b0\uff08CloudFlare DNS\u9a8c\u8bc1\uff0ccertbot\uff09"},"content":{"rendered":"

\u9996\u5148\u767b\u5f55CloudFlare\u7684\u4e2a\u4eba\u4e2d\u5fc3\u83b7\u53d6 Global API key<\/p>\n

\n

My Profile --> API Token --> Global API Key<\/p>\n<\/blockquote>\n

\u521b\u5efa\u914d\u7f6e\u6587\u4ef6<\/p>\n

mkdir .secrets\nvim \/root\/.secrets\/cloudflare.ini\nsudo chmod 0700 \/root\/.secrets\/\nsudo chmod 0400 \/root\/.secrets\/cloudflare.ini<\/code><\/pre>\n
\u5185\u5bb9<\/p>\n
\n
dns_cloudflare_email = cloudflare@example.com       \/\/cloudflare\u90ae\u7bb1
\ndns_cloudflare_api_key = 0123456789abcdef0123456789abcdef01234    \/\/Global API key<\/p>\n<\/blockquote>\n
\u5b89\u88c5certbot<\/p>\n
pip3 install certbot<\/code><\/pre>\n
\u5b89\u88c5cloudflare dns \u9a8c\u8bc1\u63d2\u4ef6<\/p>\n
sudo apt -y install python3-certbot-dns-cloudflare<\/code><\/pre>\n
\u751f\u6210\u8bc1\u4e66 \u6ce8\u610f\u8fd9\u91cc\u7684\u901a\u914d\u7b26\u57df\u540d\u5fc5\u987b\u52a0\u5f15\u53f7  '*.biubiu.run'<\/p>\n
certbot certonly \\\n  --dns-cloudflare \\\n  --dns-cloudflare-credentials \/root\/.secrets\/cloudflare.ini \\\n  -d biubiu.run \\\n  -d '*.biubiu.run'<\/code><\/pre>\n
\u6821\u9a8c\u8bc1\u4e66<\/p>\n
openssl x509 -in \/etc\/letsencrypt\/live\/biubiu.run\/cert.pem  -noout -text<\/code><\/pre>\n
\u5982\u679c\u770b\u5230\u8f93\u51fa\u6709\u5982\u4e0b\u5185\u5bb9\uff0c\u5219\u8868\u793a\u6210\u529f<\/p>\n
X509v3 Subject Alternative Name: \n    DNS:*.biubiu.run, DNS:biubiu.run<\/code><\/pre>\n
\u914d\u7f6e\u5b9a\u65f6\u66f4\u65b0\u811a\u672c<\/p>\n
15 2 * * * certbot renew --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"<\/code><\/pre>\n
\u53c2\u8003\u6587\u732e<\/p>\n
\n
Wildcard certificate from Let\u2019s Encrypt with CloudFlare DNS<\/a>
\nWelcome to certbot-dns-cloudflare\u2019s documentation!<\/a><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"
\u9996\u5148\u767b\u5f55CloudFlare\u7684\u4e2a\u4eba\u4e2d\u5fc3\u83b7\u53d6 Glo […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false},"categories":[5],"tags":[23,24,25],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.biubiu.run\/index.php?rest_route=\/wp\/v2\/posts\/144"}],"collection":[{"href":"https:\/\/www.biubiu.run\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.biubiu.run\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.biubiu.run\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.biubiu.run\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=144"}],"version-history":[{"count":1,"href":"https:\/\/www.biubiu.run\/index.php?rest_route=\/wp\/v2\/posts\/144\/revisions"}],"predecessor-version":[{"id":145,"href":"https:\/\/www.biubiu.run\/index.php?rest_route=\/wp\/v2\/posts\/144\/revisions\/145"}],"wp:attachment":[{"href":"https:\/\/www.biubiu.run\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=144"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.biubiu.run\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=144"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.biubiu.run\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=144"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}