ProHoster > Π‘Π»ΠΎΠ³ > Kev tswj hwm > LetsEncrypt npaj yuav thim nws daim ntawv pov thawj vim muaj kab mob software

LetsEncrypt npaj yuav thim nws daim ntawv pov thawj vim muaj kab mob software

LetsEncrypt npaj yuav thim nws daim ntawv pov thawj vim muaj kab mob software
LetsEncrypt, uas muaj daim ntawv pov thawj SSL dawb rau kev encryption, raug yuam kom tshem tawm qee daim ntawv pov thawj.

Qhov teeb meem yog hais txog software yuam kev hauv Boulder tswj software siv los tsim CA. Feem ntau, kev txheeb xyuas DNS ntawm CAA cov ntaub ntawv tshwm sim ib txhij nrog kev lees paub ntawm kev ua tswv cuab, thiab cov neeg siv feem ntau tau txais daim ntawv pov thawj tam sim ntawd tom qab kev txheeb xyuas, tab sis cov software tsim tawm tau ua nws kom cov txiaj ntsig ntawm kev pov thawj suav tias dhau mus dhau 30 hnub tom ntej. . Qee qhov xwm txheej, nws tuaj yeem tshawb xyuas cov ntaub ntawv thib ob ua ntej daim ntawv pov thawj raug muab, tshwj xeeb CAA yuav tsum tau rov qab xyuas dua li ntawm 8 teev ua ntej tshaj tawm, yog li txhua tus neeg txheeb xyuas ua ntej lub sijhawm no yuav tsum tau rov txheeb xyuas dua.

Qhov yuam kev yog dab tsi? Yog tias daim ntawv thov daim ntawv pov thawj muaj N domains uas yuav tsum tau rov ua dua CAA pov thawj, Boulder xaiv ib qho ntawm lawv thiab txheeb xyuas nws N zaug. Raws li qhov tshwm sim, nws muaj peev xwm muab daim ntawv pov thawj txawm tias koj tom qab (txog X + 30 hnub) teeb tsa CAA cov ntaub ntawv uas txwv tsis pub muab daim ntawv pov thawj LetsEncrypt.

Txhawm rau txheeb xyuas daim ntawv pov thawj, lub tuam txhab tau npaj online cuab yeejuas yuav qhia cov ncauj lus kom ntxaws.

Cov neeg siv qib siab tuaj yeem ua txhua yam lawv tus kheej siv cov lus txib hauv qab no:

# ΠΏΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° https
openssl s_client -connect example.com:443 -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# Π²Π°Ρ€ΠΈΠ°Π½Ρ‚ ΠΏΡ€ΠΎΠ²Π΅Ρ€ΠΊΠΈ ΠΎΡ‚ @simpleadmin 
echo | openssl s_client -connect example.com:443 |& openssl x509 -noout -serial
# ΠΏΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΏΠΎΡ‡Ρ‚ΠΎΠ²ΠΎΠ³ΠΎ сСрвСра, ΠΏΡ€ΠΎΡ‚ΠΎΠΊΠΎΠ» SMTP
openssl s_client -connect example.com:25 -starttls smtp -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# ΠΏΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΏΠΎΡ‡Ρ‚ΠΎΠ²ΠΎΠ³ΠΎ сСрвСра, ΠΏΡ€ΠΎΡ‚ΠΎΠΊΠΎΠ» SMTP
openssl s_client -connect example.com:587 -starttls smtp -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# ΠΏΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΏΠΎΡ‡Ρ‚ΠΎΠ²ΠΎΠ³ΠΎ сСрвСра, ΠΏΡ€ΠΎΡ‚ΠΎΠΊΠΎΠ» IMAP
openssl s_client -connect example.com:143 -starttls imap -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# ΠΏΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΏΠΎΡ‡Ρ‚ΠΎΠ²ΠΎΠ³ΠΎ сСрвСра, ΠΏΡ€ΠΎΡ‚ΠΎΠΊΠΎΠ» IMAP
openssl s_client -connect example.com:993 -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# Π² ΠΏΡ€ΠΈΠ½Ρ†ΠΈΠΏΠ΅ Π°Π½Π°Π»ΠΎΠ³ΠΈΡ‡Π½ΠΎ ΠΏΡ€ΠΎΠ²Π΅Ρ€ΡΡŽΡ‚ΡΡ ΠΈ Π΄Ρ€ΡƒΠ³ΠΈΠ΅ сСрвисы

Tom ntej no koj yuav tsum saib no koj tus lej xov tooj, thiab yog tias nws nyob hauv daim ntawv teev npe, nws raug pom zoo kom rov ua dua daim ntawv pov thawj.

Txhawm rau hloov daim ntawv pov thawj, koj tuaj yeem siv certbot:

certbot renew --force-renewal

Qhov teeb meem tau pom thaum Lub Ob Hlis 29, 2020; txhawm rau daws qhov teeb meem, kev tshaj tawm cov ntawv pov thawj raug ncua los ntawm 3: 10 UTC rau 5: 22 UTC. Raws li kev tshawb nrhiav sab hauv, qhov yuam kev tau ua rau Lub Xya Hli 25, 2019; lub tuam txhab yuav muab cov lus qhia ntxaws ntxiv tom qab.

UPD: qhov kev pabcuam pov thawj hauv online yuav tsis ua haujlwm los ntawm Lavxias tus IP chaw nyob.

Tau qhov twg los: www.hab.com

Ntxiv ib saib