{"id":1949,"date":"2023-10-16T10:29:35","date_gmt":"2023-10-16T02:29:35","guid":{"rendered":"https:\/\/badgameshow.com\/fly\/?p=1949"},"modified":"2023-10-16T10:33:03","modified_gmt":"2023-10-16T02:33:03","slug":"%e3%80%90ssl-tls%e3%80%91%e5%9c%a8-windows-%e4%b8%8a%e4%bd%bf%e7%94%a8-certbot-%e5%85%8d%e8%b2%bb%e7%82%ba%e4%bd%a0%e7%9a%84%e7%b6%b2%e7%ab%99%e5%89%b5%e5%bb%ba%e4%b8%89%e5%80%8b%e6%9c%88%e6%9c%89","status":"publish","type":"post","link":"https:\/\/badgameshow.com\/fly\/%e3%80%90ssl-tls%e3%80%91%e5%9c%a8-windows-%e4%b8%8a%e4%bd%bf%e7%94%a8-certbot-%e5%85%8d%e8%b2%bb%e7%82%ba%e4%bd%a0%e7%9a%84%e7%b6%b2%e7%ab%99%e5%89%b5%e5%bb%ba%e4%b8%89%e5%80%8b%e6%9c%88%e6%9c%89\/","title":{"rendered":"\u3010SSL\/TLS\u3011\u5728 Windows \u4e0a\u4f7f\u7528 Certbot \u514d\u8cbb\u70ba\u4f60\u7684\u7db2\u7ad9\u5275\u5efa\u4e09\u500b\u6708\u6709\u6548\u7684 SSL\/TLS \u6191\u8b49"},"content":{"rendered":"

\u3010SSL\/TLS\u3011\u5728 Windows \u4e0a\u4f7f\u7528 Certbot \u514d\u8cbb\u70ba\u4f60\u7684\u7db2\u7ad9\u5275\u5efa\u4e09\u500b\u6708\u6709\u6548\u7684 SSL\/TLS \u6191\u8b49<\/h1>\n

SSL\/TLS \u6191\u8b49\u53ef\u63d0\u4f9b\u7db2\u7ad9\u7684\u5b89\u5168\u6027\u548c\u96b1\u79c1\u6027\uff0c\u78ba\u4fdd\u6578\u64da\u5728\u7db2\u7d61\u4e0a\u7684\u50b3\u8f38\u662f\u52a0\u5bc6\u548c\u5b89\u5168\u7684\u3002\u9019\u500b\u904e\u7a0b\u5c07\u8b93\u60a8\u7684\u7db2\u7ad9\u5728\u4e09\u500b\u6708\u5167\u7372\u5f97\u6709\u6548\u7684\u6191\u8b49\uff0c\u78ba\u4fdd\u700f\u89bd\u8005\u7684\u4fe1\u606f\u548c\u6578\u64da\u5f97\u5230\u4fdd\u8b77\uff0c\u540c\u6642\u589e\u52a0\u60a8\u7db2\u7ad9\u7684\u53ef\u4fe1\u5ea6\u3002<\/h4>\n
\n

\u6587\u7ae0\u76ee\u9304<\/h4>\n
    \n
  1. \u5b89\u88dd Python<\/a><\/li>\n
  2. \u5b89\u88dd Certbot<\/a><\/li>\n
  3. \u751f\u6210\u9700\u8981 SSL\/TLS \u7684\u7db2\u7ad9\u57df\u540d<\/a><\/li>\n
  4. \u5c07\u6a94\u6848\u653e\u5230\u6307\u5b9a\u4f4d\u7f6e<\/a><\/li>\n
  5. \u7372\u53d6 4 \u500b pem \u6a94<\/a><\/li>\n
  6. \u5229\u7528 pfx \u532f\u51fa crt \u8207 key<\/a><\/li>\n
  7. \u8a2d\u5b9a Apache SSL<\/a><\/li>\n
  8. \u76f8\u95dc\u9023\u7d50<\/a><\/li>\n<\/ol>\n
    \n

    <\/a><\/p>\n

    1.\u5b89\u88dd Python<\/h4>\n

    Python download<\/a><\/p>\n

    <\/a><\/p>\n

    2.\u5b89\u88dd Certbot<\/h4>\n
    pip install certbot\n<\/code><\/pre>\n
    <\/a><\/p>\n
    3.\u751f\u6210\u9700\u8981 SSL\/TLS \u7684\u7db2\u7ad9\u57df\u540d<\/h4>\n
    certbot certonly -d badgameshow.com --agree-tos --manual\n<\/code><\/pre>\n
    certonly – \u8868\u793a\u53ea\u7372\u5f97\u6191\u8b49\uff0c\u800c\u4e0d\u5b89\u88dd\u5b83<\/h6>\n
    -d badgameshow.com – \u6307\u5b9a\u8981\u70ba\u54ea\u500b\u57df\u540d\uff08badgameshow.com\uff09\u7372\u5f97\u6191\u8b49<\/h6>\n
    –agree-tos – \u8868\u793a\u540c\u610f Certbot \u7684\u670d\u52d9\u689d\u6b3e<\/h6>\n
    –manual – \u555f\u7528\u624b\u52d5\u6a21\u5f0f<\/h6>\n
    <\/a><\/p>\n
    4.\u5c07\u6a94\u6848\u653e\u5230\u6307\u5b9a\u4f4d\u7f6e<\/h4>\n
    Create a file containing just this data:\n\nBIEZki9F-CL5fJ6el7fSG59wTw6tI7_C0isxMhnXJSI.zGMMBQviivF4kKyeGw4C1yZuVzmpncSTQoUgsgwQbjE\n\nAnd make it available on your web server at this URL:\n\nhttp:\/\/badgameshow.com\/.well-known\/acme-challenge\/BIEZki9F-CL5fJ6el7fSG59wTw6tI7_C0isxMhnXJSI\n<\/code><\/pre>\n
    <\/a><\/p>\n
    5.\u7372\u53d6 4 \u500b pem \u6a94<\/h4>\n
    \"\"<\/a><\/p>\n
    <\/a><\/p>\n
    6.\u5229\u7528 pfx \u532f\u51fa crt \u8207 key<\/h4>\n
    \u6253\u958b git bash (\u6709\u5167\u5efa openssl)<\/h5>\n
    \u7372\u53d6 certificate_combined.pfx<\/h5>\n
    openssl pkcs12 -export -out \"certificate_combined.pfx\" -inkey \"privkey.pem\" -in \"cert.pem\" -certfile \"fullchain.pem\" -password pass:123\n<\/code><\/pre>\n
    -export – \u8868\u793a\u57f7\u884c\u5c0e\u51fa\u64cd\u4f5c<\/h6>\n
    -out “certificate_combined.pfx”- \u6307\u5b9a\u5c0e\u51fa\u7684 PKCS#12 \u6587\u4ef6\u540d\u70ba “certificate_combined.pfx”<\/h6>\n
    -inkey “privkey.pem”- \u6307\u5b9a\u5305\u542b\u79c1\u9470\u7684 PEM \u6587\u4ef6\u7684\u8def\u5f91<\/h6>\n
    -in “cert.pem”- \u6307\u5b9a\u5305\u542b\u8b49\u66f8\u7684 PEM \u6587\u4ef6\u7684\u8def\u5f91<\/h6>\n
    -certfile “fullchain.pem”- \u6307\u5b9a\u5305\u542b\u5b8c\u6574\u93c8\uff08\u5305\u62ec\u4e2d\u9593\u8b49\u66f8\uff09\u7684 PEM \u6587\u4ef6\u7684\u8def\u5f91<\/h6>\n
    -password pass:123 – \u8a2d\u7f6e PKCS#12 \u6587\u4ef6\u7684\u5bc6\u78bc\u70ba “123”<\/h6>\n
    \u7372\u53d6 ca_bundle.crt<\/h5>\n
    openssl pkcs12 -in certificate_combined.pfx -nokeys -cacerts -nodes -password pass:123 -out ca_bundle.crt\n<\/code><\/pre>\n
    \u7372\u53d6 certificate.crt<\/h5>\n
    openssl pkcs12 -in certificate_combined.pfx -nokeys -clcerts -nodes -password pass:123 -out certificate.crt\n<\/code><\/pre>\n
    \u7372\u53d6 private.key<\/h5>\n
    openssl pkcs12 -in certificate_combined.pfx -nocerts -nodes -password pass:123 -out private.key\n<\/code><\/pre>\n
    -in certificate_combined.pfx – \u6307\u5b9a\u8f38\u5165\u7684 PKCS#12 \u6587\u4ef6\u70ba certificate_combined.pfx<\/h6>\n
    -nokeys – \u8868\u793a\u4e0d\u5c0e\u51fa\u79c1\u9470<\/h6>\n
    -cacerts – \u8868\u793a\u53ea\u5c0e\u51fa\u6839\u8b49\u66f8\u548c\u4e2d\u9593\u8b49\u66f8<\/h6>\n
    -nodes – \u8868\u793a\u4e0d\u52a0\u5bc6\u8f38\u51fa\u7684\u5bc6\u9470<\/h6>\n
    -password pass:123 – \u6307\u5b9a\u8f38\u5165 PKCS#12 \u6587\u4ef6\u7684\u5bc6\u78bc\u70ba “123”\u3002<\/h6>\n
    -out ca_bundle.crt – \u6307\u5b9a\u8f38\u51fa\u7684\u6587\u4ef6\u540d\u70ba ca_bundle.crt\uff0c\u9019\u662f\u5305\u542b\u6839\u8b49\u66f8\u548c\u4e2d\u9593\u8b49\u66f8\u7684\u8b49\u66f8\u675f\u6587\u4ef6<\/h6>\n
    <\/a><\/p>\n
    7.\u8a2d\u5b9a Apache SSL<\/h4>\n
    SSLEngine on\nSSLCertificateFile \"C:\\xampp\\apache\\conf\\sslforfree\\certificate.crt\"\nSSLCertificateKeyFile \"C:\\xampp\\apache\\conf\\sslforfree\\private.key\"\nSSLCertificateChainFile \"C:\\xampp\\apache\\conf\\sslforfree\\ca_bundle.crt\"\n<\/code><\/pre>\n
    <\/a><\/p>\n
    8.\u76f8\u95dc\u9023\u7d50<\/h4>\n
    \u4f7f\u7528 CERTBOT \u8207 LET’S ENCRYPT \u66ff\u7db2\u7ad9\u5efa\u7acb SSL \u6191\u8b49(PEM \u8f49 CRT&KEY)<\/a>
    \n    HTTPS \u514d\u8cbb\u6191\u8b49\u7533\u8acb – Let’s Encrypt<\/a><\/p>\n\n
    <\/div>","protected":false},"excerpt":{"rendered":"
    \u3010SSL\/TLS\u3011\u5728 Windows \u4e0a\u4f7f\u7528 Certbot \u514d\u8cbb\u70ba\u4f60\u7684\u7db2\u7ad9\u5275\u5efa\u4e09\u500b\u6708\u6709\u6548\u7684 SSL\/TLS  … <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"pgc_sgb_lightbox_settings":"","footnotes":""},"categories":[244],"tags":[],"class_list":["post-1949","post","type-post","status-publish","format-standard","hentry","category-ssl-tls"],"_links":{"self":[{"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/posts\/1949","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/comments?post=1949"}],"version-history":[{"count":2,"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/posts\/1949\/revisions"}],"predecessor-version":[{"id":1953,"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/posts\/1949\/revisions\/1953"}],"wp:attachment":[{"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/media?parent=1949"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/categories?post=1949"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/badgameshow.com\/fly\/wp-json\/wp\/v2\/tags?post=1949"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}