Let's Encryptを使って無料でブログをSSL化する
Posted: 2017-12-18
スポンサーリンク
目次
はじめに
Let's Encryptは無料でSSL証明書を発行してくれるありがたい機関?です。
googleの検索順位もhttps化されたページの方が優先されるということで、今回このブログもhttps化しようかと思い、その手順を残しておこうかと思います。
環境
- CentOS Linux release 7.4.1708 (Core)
- nginx/1.10.2
- rails4.2.0
前提
- 独自ドメインを既に取得済みであること
手順
基本的には公式のまんまです
1. certbot(CLI)のインストール
yum install epel-release
yum install certbot
今回はnginx環境なのでpython-certbot-apacheはインストールしません。
2. nginxの設定変更
certbotは証明書を発行するwebサーバ/ドメインが本当に使われているものかを確認するため、WEBサーバ上にテストファイルを置いて外部からアクセスできることを確認します。私の環境ではそれ用の設定を入れてないと以下のエラーが出てうまく行きませんでした。
## エラーが出るパターン
# certbot certonly --webroot -w /usr/share/nginx/html -d blog.setouchino.cloud
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for blog.setouchino.cloud
Using the webroot path /var/www/simpleblog/shared/public for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. blog.setouchino.cloud (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://blog.setouchino.cloud/.well-known/acme-challenge/FHpSClSuHmbGU8mnBTfqyO2BqGhMXytRsvRDZzvukzc: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: blog.setouchino.cloud
Type: unauthorized
Detail: Invalid response from
http://blog.setouchino.cloud/.well-known/acme-challenge/FHpSClSuHmbGU8mnBTfqyO2BqGhMXytRsvRDZzvukzc:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
以下の設定を入れることで回避できます。
# vim /etc/nginx/conf.d/${nginxの設定ファイル名}
--------
server {
listen 80;
server_name blog.setouchino.cloud;
~~~~~中略~~~~~~~
location ^~ /.well-known/acme-challenge/ { # ★追記
root /usr/share/nginx/html; # ★追記
} # ★追記
}
--------
設定変更後、反映します。
systemctl reload nginx.service
再度実行し、以下のように結果が出ればOKです。
# certbot certonly --webroot -w /usr/share/nginx/html/ -d blog.setouchino.cloud
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for blog.setouchino.cloud
Using the webroot path /usr/share/nginx/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/blog.setouchino.cloud/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/blog.setouchino.cloud/privkey.pem
Your cert will expire on 2018-03-18. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
これで証明書の払い出しはOKです。
証明書は
/etc/letsencrypt/live/ドメイン名
のディレクトリ配下に作られています。
3.nginxのSSL設定
# httpでアクセスしてきたらhttpsにリダイレクト
server {
listen 80;
server_name host.example.com;
return 301 https://$host$request_uri;
}
# httpsの設定
server {
listen 443 ssl;
server_name host.example.com;
ssl_certificate /etc/letsencrypt/live/blog.setouchino.cloud/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/blog.setouchino.cloud/privkey.pem;
root /usr/share/nginx/html;
access_log /var/log/nginx/ssl_access.log;
error_log /var/log/nginx/ssl_error.log;
location ~ ^/assets/ {
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://unicorn;
}
#location ^~ /.well-known/acme-challenge/ {
#root /usr/share/nginx/html;
#}
}
4. nginxのrestart
systemctl restart nginx.service
これでブラウザにhttpsでアクセスして正しく表示されればOKです。
スポンサーリンク
コメント一覧
2022/05/20 20:35:24
nntgutakさん
2022/05/21 02:23:54
Wnbhwongeさん
levitra dosage reviews levitra reviews by men https://glevitrargu.com/
2022/05/21 04:14:34
tenastywさん
provigil over the counter purchase modafinil without prescription cost provigil
2022/05/21 07:47:56
sobtrugoさん
2022/04/07 23:22:07
Ntfbfplugsさん
buy cialis without prescription generic tadalafil
2022/04/08 11:15:23
Keezexictさん
tadalafil blood pressure cheapest tadalafil india
2022/04/09 08:27:01
Dbngplugsさん
walmart sildenafil tadalafil and sildenafil taken together
2022/04/10 09:15:08
Fnenvunnyさん
viagra soft tabs buy viagra professional
2022/04/10 04:52:32
AndaAudircurnさん
buying tadalafil online adcirca tadalafil
2022/04/10 16:39:32
Crnnwongeさん
viagra pill viagra pills cheap generic viagra viagra natural
2022/04/11 20:12:00
Nmioplugsさん
Remeron legitimate canadian pharmacy list
2022/04/12 06:00:20
Kbwnexictさん
generic viagra in india 3 viagra pills
2022/04/13 04:46:53
Dennplugsさん
store locator lloyds pharmacy canadian certified pharmacy
2022/04/13 11:40:56
Nbttplugsさん
buy cialis online without prescription generic vs brand name for cialis
2022/04/14 00:54:31
Knrnexictさん
canadian pharmacy 24h com safe fred's pharmacy
2022/04/14 20:26:37
Dsnnplugsさん
Prandin Exelon
2022/04/15 11:53:56
AnuoAudircurnさん
Benemid canadian online pharmacy
2022/04/15 20:11:49
Fuupvunnyさん
sildenafil citrate generic vs viagra viagra uk cost
2022/04/16 02:53:25
Ckanwongeさん
www levitra com levitra over the counter uk
2022/04/17 02:33:26
Enrnexictさん
cialis 20 mg from canada cialis with dapoxetine australia overnight delivery
2022/04/18 00:20:03
Jtnnplugsさん
does oral ivermectin kill demodex mites stromectol usa
2022/04/18 13:20:36
AnnoAudircurnさん
canada generic viagra how to buy sildenafil online usa
2022/04/18 20:58:59
Auupvunnyさん
blue sky peptide tadalafil cheap cost tadalafil online
2022/04/19 04:09:11
Wevgwongeさん
escrow pharmacy online enterprise rx pharmacy system
2022/04/19 21:42:14
nyyyplugsさん
levitra uk generic levitra 40 mg
2022/04/20 10:02:16
Ennsexictさん
generic sildenafil paypal where to buy sildenafil over the counter
2022/04/21 07:40:52
Jnnyplugsさん
how to buy cialis online prices of cialis 20 mg
2022/04/21 19:41:27
AnuuAudircurnさん
Flexeril pharmacy from canada
2022/04/22 03:58:03
Ahhpvunnyさん
windsor, ontario, canada pharmacy cialis super active cialis with no prescription
2022/04/22 10:27:41
Wnsnwongeさん
how long does levitra take to work how much does levitra cost at cvs
2022/04/23 02:08:27
Ntcxplugsさん
viagra 100mg canadian pharmacy india pharmacy mail order
2022/04/23 14:29:13
Eaaqexictさん
pet pharmacy in canada store number walmart pharmacy
2022/04/24 12:01:47
Jmmplugsさん
hot canadian pharmacy review is canadian healthcare pharmacy legitimate
2022/04/25 00:23:44
JyhAudircurnさん
are canadian pharmacies safe cvs pharmacy cvs store
2022/04/25 08:36:11
Ansnvunnyさん
canada drugs pharmacy checker optimal rx pharmacy
2022/04/25 15:14:32
Wnnhwongeさん
pharmacy price checker canada canada pharmacy online complaints
2022/04/29 13:56:27
Nndnplugsさん
how to order drugs from canada all rx pharmacy https://jzpharmacyukj.com/
2022/04/30 02:03:36
Ebbexictさん
meds online pharmacy pet pharmacy online https://dtupharmyjn.com/
2022/04/30 23:02:13
Jebplugsさん
canadian pharmacy viagra 100 mg buy 90 sildenafil 100mg price https://sgiviagraikn.com/
2022/05/01 11:12:29
JyhgAudircurnさん
is ivermectin safe for pregnant mares ivermectin drug https://stromectolujlo.com/
2022/05/01 18:59:27
Anbnvunnyさん
viagra vs sildenafil sildenafil citrate cost https://sildenafilkiol.com/
2022/05/02 01:37:43
Wnbhwongeさん
levitra tabs levitra discount code https://glevitrargu.com/
2022/05/03 16:28:31
Nndenplugsさん
levitra fda approval viagra levitra cialis prices https://xclevitradb.com/
2022/05/04 04:18:52
Ebbeexictさん
generic cialis uk online where to buy generic cialis https://dccialisxvf.com/
2022/05/05 00:36:28
Jebnplugsさん
people's pharmacy no prior prescription required pharmacy
2022/05/05 13:01:19
JolwAudircurnさん
cheap generic viagra online buying viagra in europe https://aviagrasbt.com/
2022/05/09 02:16:30
swwktdさん
hydroxicloriquin plaquenil medicine
2022/05/09 10:32:13
Nndenplugsさん
free levitra levitra medication https://xclevitradb.com/
2022/05/09 22:17:08
Ebbeexictさん
cialis generic prices what works better viagra or cialis https://dccialisxvf.com/
2022/05/10 18:02:17
Jebnplugsさん
rx partners pharmacy pharmacy online reviews
2022/05/11 06:32:42
JolwAudircurnさん
generic viagra 200mg sildenafil compare prices https://aviagrasbt.com/
2022/05/11 13:26:25
Anbnvunnyさん
sildenafil side effects sildenafil iv https://sildenafilkiol.com/
2022/05/11 19:46:11
Wnbhwongeさん
levitra premature ejaculation study levitra not working anymore https://glevitrargu.com/
2022/05/13 16:57:44
EvaleenOaOaさん
help with my dissertation proposal
how long is a dissertation
cheap dissertation writing service
2022/05/14 12:58:20
Nndenplugsさん
levitra and alcohol consumption levitra precio https://xclevitradb.com/
2022/05/14 15:13:10
MaggeeOaOaさん
phd dissertation help outline
capstone vs dissertation
creative writing dissertation proposal
2022/05/15 10:16:21
RegineOaOaさん
dissertation writing
online dissertation help united kingdom
proposal and dissertation help 3000 words
2022/05/15 21:25:35
Jebnplugsさん
dextroamphetamine online pharmacy norcos online pharmacy
2022/05/16 09:26:44
KirstiOaOaさん
what is a doctoral dissertation
dissertation help us
writing doctoral dissertation
2022/05/16 17:02:57
Anbnvunnyさん
sildenafil usa sildenafil products https://sildenafilkiol.com/
2022/05/17 18:24:42
KirstiOaOaさん
doctoral dissertation help your
writing a dissertation in a week
dissertation consulting
2022/05/18 04:04:13
dgvcwjyzさん
2022/05/18 16:13:18
Nndenplugsさん
uk levitra cialis comparison viagra levitra https://xclevitradb.com/
2022/05/18 20:39:21
qeirnxtkさん
order provigil 200mg without prescription buy modafinil for sale buy modafinil online cheap
2022/05/19 03:16:32
bnkobidbさん
purchase modafinil pills order provigil 200mg pill
2022/05/19 03:52:27
Ebbeexictさん
can i take cialis with daxpoteine cialis costco https://dccialisxvf.com/
2022/05/19 06:16:38
jwlpvvpnさん
2022/05/19 21:51:23
CharlaOaOaさん
dissertation proofreading help
dissertation help derrida
custom dissertation writing service 2019
2022/05/20 00:28:05
Jebnplugsさん
how to get canadian pharmacy to stop calling tadalafil online canadian pharmacy
2022/05/20 02:31:15
iwgubdzmさん
order modafinil 200mg pills buy provigil 200mg pills
2022/05/20 12:40:12
JolwAudircurnさん
buy viagra from mexico buy viagra without presc https://aviagrasbt.com/
2022/05/20 20:05:08
Anbnvunnyさん
webmd sildenafil how sildenafil works https://sildenafilkiol.com/
コメントを投稿する
TOP back