Apache 部署
适合使用 Apache 的 VPS、云服务器或独立服务器。
1. 设置变量
bash
export ACME_SERVER="你的 Server URL"
export EAB_KID="你的 EAB MAC ID"
export EAB_HMAC_KEY="你的 EAB MAC key"
export EMAIL="[email protected]"
export DOMAIN="example.com"
export WEBROOT="/var/www/example.com/public"2. 安装 acme.sh
bash
curl https://get.acme.sh | sh -s email="$EMAIL"3. 注册 ACME 账号
bash
~/.acme.sh/acme.sh --register-account \
--server "$ACME_SERVER" \
--eab-kid "$EAB_KID" \
--eab-hmac-key "$EAB_HMAC_KEY" \
-m "$EMAIL"4. 签发证书
bash
~/.acme.sh/acme.sh --issue \
--server "$ACME_SERVER" \
-d "$DOMAIN" \
-w "$WEBROOT"5. 安装证书
bash
sudo mkdir -p "/etc/ssl/12ssl/$DOMAIN"
sudo ~/.acme.sh/acme.sh --install-cert -d "$DOMAIN" \
--key-file "/etc/ssl/12ssl/$DOMAIN/privkey.pem" \
--fullchain-file "/etc/ssl/12ssl/$DOMAIN/fullchain.pem" \
--reloadcmd "systemctl reload apache2 || systemctl reload httpd"6. 配置 Apache
Ubuntu / Debian:
bash
sudo a2enmod ssl rewrite
sudo nano /etc/apache2/sites-available/example.com.conf示例:
apache
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/public
SSLEngine on
SSLCertificateFile /etc/ssl/12ssl/example.com/fullchain.pem
SSLCertificateKeyFile /etc/ssl/12ssl/example.com/privkey.pem
</VirtualHost>启用并重载:
bash
sudo a2ensite example.com.conf
sudo apachectl configtest
sudo systemctl reload apache2CentOS / AlmaLinux / Rocky Linux:
bash
sudo apachectl configtest
sudo systemctl reload httpd7. 验证
bash
curl -I "https://$DOMAIN"浏览器访问:
text
https://example.com