编译安装openssl-1.1.1版本
下载源码包
wget https://www.openssl.org/source/openssl-1.1.1n.tar.gz --no-check-certificate
解压,编译,安装
tar -zxf openssl-1.1.1n.tar.gz
cd openssl-1.1.1n
./Configure --prefix=/usr/local/openssl
make -j && make install
说明
上面make过程如果提示没有makefile文件说明./Configurep,这步出错了改用./config --prefix=/usr/local/openssl,然后再编译。
编译安装python3
下载源码包
https://www.python.org/ftp/python/3.10.0/Python-3.10.0.tgz
编译安装带新版openssl模块的python3
./configure --prefix=/usr/local/python3 --with-openssl=/usr/local/openssl --with-openssl-rpath=auto
make -j && make install
修改pip3源为国内源
pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple pip -U
安装pip_search包
pip install pip-search
验证
pip_search anyhHub
证书申请
安装certbot
yum install epel-release -y
yum install certbot -y
配置certbot
mkdir -p /opt/certbot
cd /opt/certbot
python3 -m venv venv
source venv/bin/activate
pip3 install certbot certbot-nginx
下载letsencrypt-aliyun-dns-manual-hook开源项目
https://github.com/broly8/letsencrypt-aliyun-dns-manual-hook.git
修改config.ini
cd letsencrypt-aliyun-dns-manual-hook
vi config.ini
将里面的appid和appsecret值修改成你阿里云的accesskeyid和accesskeysecret
appid=xxxxx
appsecret=jX9g0W75MGZ6me63
开始申请证书
certbot certonly -d *.xxx.com --manual --preferred-challenges dns \
--manual-auth-hook 'python /opt/xxx.com/letsencrypt-aliyun-dns-manual-hook/manual-hook.py --auth' \
--manual-cleanup-hook 'python /opt/xxx.com/letsencrypt-aliyun-dns-manual-hook/manual-hook.py --cleanup'
证书查看
certbot certificates
更新证书
certbot renew
