| 本帖最后由 帝玺SSL 于 2022-8-10 03:53 编辑
阅读 https://www1.hi.cn/docs/best-practice/secure-aapanel-https
总结起来就是一段SSH命令:
- email="[email protected]" # 记得修改成你的邮箱
- ip=$(curl -s -4 ip.sb)
- webroot=$(cat $((grep -r " "$ip /www/server/panel/vhost/nginx/ || grep -r "default_server" /www/server/panel/vhost/nginx/) | grep server_name | awk ‘{print $1}’ | cut -d ‘:’ -f1) | egrep ‘root ‘ | awk ‘{print $2}’ | cut -d ‘;’ -f1)
-
- if [ -z "$webroot" ]; then
- echo "请先创建1个IP站点或者设置1个默认站点!"
- exit 1
- fi
-
- export LE_WORKING_DIR=/root/.acme.sh
-
- /bin/cp -rf /www/server/panel/ssl/privateKey.pem /www/server/panel/ssl/privateKey.pem.bak
- /bin/cp -rf /www/server/panel/ssl/certificate.pem /www/server/panel/ssl/certificate.pem.bak
- /bin/cp -rf /www/server/panel/vhost/cert/$ip/privkey.pem /www/server/panel/vhost/cert/$ip/privkey.pem.bak
- /bin/cp -rf /www/server/panel/vhost/cert/$ip/fullchain.pem /www/server/panel/vhost/cert/$ip/fullchain.pem.bak
-
- /root/.acme.sh/acme.sh –register-account
- –email $email
- –server https://acme.hi.cn/directory &&
-
- /root/.acme.sh/acme.sh –issue
- -d $ip –webroot $webroot
- –server https://acme.hi.cn/directory
- –force &&
-
- echo "复制宝塔面板证书" &&
- /bin/cp -rf /root/.acme.sh/$ip/$ip.key /www/server/panel/ssl/privateKey.pem &&
- /bin/cp -rf /root/.acme.sh/$ip/fullchain.cer /www/server/panel/ssl/certificate.pem &&
-
- echo "True" > /www/server/panel/data/ssl.pl &&
-
- bt reload &&
-
- echo "安装站点证书(如有)" &&
- /bin/cp -rf /root/.acme.sh/$ip/$ip.key /www/server/panel/vhost/cert/$ip/privkey.pem &&
- /bin/cp -rf /root/.acme.sh/$ip/fullchain.cer /www/server/panel/vhost/cert/$ip/fullchain.pem &&
-
- bt reload &&
-
- echo "成功续期"
复制代码
|
![[美国VPS] 为你宝塔面板一键开启HTTPS登陆+自动续期(面板+站点)](https://cdn.jsdelivr.net/gh/master-of-forums/master-of-forums/src/images/patch.gif)
![[美国VPS] 为你宝塔面板一键开启HTTPS登陆+自动续期(面板+站点)](https://cdn.jsdelivr.net/gh/master-of-forums/master-of-forums/public/images/patch.gif){kind=small}
