Unifi Control 添加Let’s Encrypt证书

curl https://get.acme.sh | sh

安装好之后,需要先断开终端,重新连接一次,以使命令生效

acme.sh --upgrade --auto-upgrade --accountemail "admin@kper.net"

添加文件:/root/.acme.sh/cloudkey-renew-hook.sh

#!/bin/bash
# Renew-hook for ACME / Let's encrypt
echo "** Configuring new Let's Encrypt certs"
cd /etc/ssl/private
rm -f /etc/ssl/private/cert.tar /etc/ssl/private/unifi.keystore.jks /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/private/fullchain.pem

openssl pkcs12 -export -in /etc/ssl/private/cloudkey.crt -inkey /etc/ssl/private/cloudkey.key -out /etc/ssl/private/cloudkey.p12 -name unifi -password pass:aircontrolenterprise

keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /usr/lib/unifi/data/keystore -srckeystore /etc/ssl/private/cloudkey.p12 -srcstoretype PKCS12 -srcstorepass aircontrolenterprise -alias unifi

rm -f /etc/ssl/private/cloudkey.p12
tar -cvf cert.tar *
chown root:ssl-cert /etc/ssl/private/*
chmod 640 /etc/ssl/private/*

echo "** Testing Nginx and restarting"
/usr/sbin/nginx -t
/etc/init.d/nginx restart ; /etc/init.d/unifi restart
export HE_Username="username"
export HE_Password="password"
acme.sh --issue --dns dns_he -d ac.kper.net --pre-hook "touch /etc/ssl/private/cert.tar; tar -zcvf /root/.acme.sh/CloudKeySSL_`date +%Y-%m-%d_%H.%M.%S`.tgz /etc/ssl/private/*" --fullchainpath /etc/ssl/private/cloudkey.crt --keypath /etc/ssl/private/cloudkey.key --reloadcmd "sh /root/.acme.sh/cloudkey-renew-hook.sh"

搞定!

继续阅读
  • 我的微信
  • 这是我的微信扫一扫
  • weinxin
  • 我的微信公众号
  • 我的微信公众号扫一扫
  • weinxin
PlanB
  • 本文由 发表于 2018年11月10日01:23:27
用acme.sh颁发SSL证书 Linux

用acme.sh颁发SSL证书

curl https://get.acme.sh | sh 安装好之后,需要先断开终端,重新连接一次,以使命令生效 acme.sh --upgrade --auto-upgrade --account...
All in one Home Server Linux

All in one Home Server

在家里做了All in one 服务器(超微X10SDV-TLN4F+16GDDR4*2+8T*8+LSI9271-8I+银欣DS380+SF450),服务器做的Raid6……可同时挂两块硬盘,数据安...
匿名

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: