fengzifz.com

水则资车,旱则资舟

0%

Ubuntu 18 配置 Let’s Encrypt 的 HTTPS 证书

在 2016 年写过一篇在 ubuntu 上面配置 let’s encrypt 证书的文章,见:配置免费 HTTPS - letsencrypt ssl

然而,在 Ubuntu 18 下面,当运行 ./certbot-auto certonly xxx 时,可能出现的错误是:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Creating virtual environment...
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/virtualenv.py", line 2363, in <module>
main()
File "/usr/lib/python3/dist-packages/virtualenv.py", line 719, in main
symlink=options.symlink)
File "/usr/lib/python3/dist-packages/virtualenv.py", line 988, in create_environment
download=download,
File "/usr/lib/python3/dist-packages/virtualenv.py", line 918, in install_wheel
call_subprocess(cmd, show_stdout=False, extra_env=env, stdin=SCRIPT)
File "/usr/lib/python3/dist-packages/virtualenv.py", line 812, in call_subprocess
% (cmd_desc, proc.returncode))

OSError: Command /opt/eff.org/certbot/venv/bin/python2.7 - setuptools pkg_resources pip wheel failed with error code 2
# 或者是(注意两个 error code 是不一样的)
OSError: Command /opt/eff.org/certbot/venv/bin/python2.7 - setuptools pkg_resources pip wheel failed with error code 1

这个主要是由于系统里面安装了多个 python 版本导致的。

解决办法

如果以上两种方法,也无法解决你的问题,请使用如下命令:

1
2
apt update
apt install certbot

安装完 certbot 之后,创建证书:

1
2
# 运行之前,请确保你的域名是可访问的
certbot certonly --agree-tos --email admin@example.com --webroot -w /data/www/xxx -d example.com -d www.example.com

成功之后,你会看到类似的提示:

1
2
3
4
5
6
7
8
9
10
11
12
13
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/example.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/example.com/privkey.pem
Your cert will expire on 2019-02-13. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

剩下的配置,仍然可以参考我 2016 年写的文章:配置免费 HTTPS - letsencrypt ssl

完。

参考