{"id":1663,"date":"2026-01-08T22:42:11","date_gmt":"2026-01-08T14:42:11","guid":{"rendered":"https:\/\/notes.coremix.net\/?p=1663"},"modified":"2026-01-08T22:48:39","modified_gmt":"2026-01-08T14:48:39","slug":"%e4%bd%bf%e7%94%a8docker%e6%b7%bb%e5%8a%a0ssl%e8%af%81%e4%b9%a6","status":"publish","type":"post","link":"https:\/\/notes.coremix.net\/?p=1663","title":{"rendered":"\u4f7f\u7528docker\u6dfb\u52a0SSL\u8bc1\u4e66"},"content":{"rendered":"

 <\/p>\n

\u6709\u4e2a\u7f51\u7ad9\u6253\u5f00\u901f\u5ea6\u7279\u522b\u6162\uff0c\u4e25\u91cd\u6000\u7591\u662fSSL\u9020\u6210\u7684\u8df3\u8f6c\u95ee\u9898\u3002\u9274\u4e8e\u5df2\u7ecf\u6709\u4e86docker SSL\u7ecf\u9a8c\uff0c\u4e8e\u662f\u8bd5\u8bd5\u3002<\/p>\n

 <\/p>\n

 <\/p>\n

\r\n# \u521b\u5efa\u9a8c\u8bc1\u76ee\u5f55\uff1a\r\nmkdir -p \/var\/www\/certbot\r\n\r\n# \u4fee\u6539\u914d\u7f6e\u6587\u4ef6\uff1a\/etc\/nginx\/conf.d\/eait.co.conf  \u6b64\u5904\u9700\u8981\u5148\u6dfb\u52a0\u624d\u884c\uff0c\u7136\u540e\u7ed9nginx\u4f20\u9012\u6311\u6218\u76ee\u5f55\uff08docker\u7528\u7684\uff09\r\n\r\nlocation ^~ \/.well-known\/acme-challenge\/ {\r\n    root \/var\/www\/certbot;\r\n    default_type "text\/plain";\r\n    try_files $uri =404;\r\n}\r\n\r\n# \u7136\u540ereload\r\nnginx -t && systemctl reload nginx\r\n\r\n# \u9a8c\u8bc1\u6311\u6218\u76ee\u5f55\u53ef\u7528\r\necho test > \/var\/www\/certbot\/.well-known\/acme-challenge\/ping\r\ncurl http:\/\/eait.co\/.well-known\/acme-challenge\/ping\r\ncurl http:\/\/notes.coremix.net\/.well-known\/acme-challenge\/ping\r\n\r\n# \u6267\u884c\uff0c\u66f4\u6362\u90ae\u7bb1\uff1a\r\ndocker run --rm \\\r\n  -v \/etc\/letsencrypt:\/etc\/letsencrypt \\\r\n  -v \/var\/www\/certbot:\/var\/www\/certbot \\\r\n  certbot\/certbot certonly --webroot \\\r\n  -w \/var\/www\/certbot \\\r\n  -m your@email.com --agree-tos --no-eff-email \\\r\n  -d xxx.com -d xxx.xxx2.com -d notes.coremix.net\r\n\r\n# \u6210\u529f\u540e\u4f1a\u6709\u4e2a\u76ee\u5f55\uff08\u4e00\u822c\u662f\u4e3b\u57df\u540d\uff09\r\n\/etc\/letsencrypt\/live\/eait.co\/fullchain.pem\r\n\/etc\/letsencrypt\/live\/eait.co\/privkey.pem\r\n\r\n<\/pre>\n
# \u8df3\u8f6c\u540e\u7684\u6574\u4f53\u6587\u4ef6\uff08\u6539\u7aef\u53e3\u548c\u76ee\u5f55\uff09\uff1a<\/p>\n
\r\nserver {\r\n    listen 80;\r\n    server_name www.xxxx.com;\r\n\r\n    location ^~ \/.well-known\/acme-challenge\/ {\r\n        root \/var\/www\/certbot;\r\n        default_type "text\/plain";\r\n        try_files $uri =404;\r\n    }\r\n\r\n    location \/ {\r\n        return 301 https:\/\/$host$request_uri;\r\n    }\r\n}\r\n\r\nserver {\r\n    listen 443 ssl http2;\r\n    server_name www.xxxx.com;\r\n\r\n    ssl_certificate     \/etc\/letsencrypt\/live\/coremix.net\/fullchain.pem;\r\n    ssl_certificate_key \/etc\/letsencrypt\/live\/coremix.net\/privkey.pem;\r\n\r\n    client_max_body_size 100M;\r\n\r\n    location \/ {\r\n        proxy_pass http:\/\/127.0.0.1:8091;\r\n        proxy_set_header Host $host;\r\n        proxy_set_header X-Real-IP $remote_addr;\r\n        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\r\n        proxy_set_header X-Forwarded-Proto https;\r\n        proxy_read_timeout 300;\r\n    }\r\n}\r\n\r\n<\/pre>\n
 <\/p>\n","protected":false},"excerpt":{"rendered":"
  \u6709\u4e2a\u7f51\u7ad9\u6253\u5f00\u901f\u5ea6\u7279\u522b\u6162\uff0c\u4e25\u91cd\u6000\u7591\u662fSSL\u9020\u6210\u7684\u8df3\u8f6c\u95ee\u9898\u3002\u9274\u4e8e\u5df2\u7ecf\u6709\u4e86docker SSL\u7ecf\u9a8c\uff0c\u4e8e […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1663","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"blocksy_meta":[],"_links":{"self":[{"href":"https:\/\/notes.coremix.net\/index.php?rest_route=\/wp\/v2\/posts\/1663","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/notes.coremix.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/notes.coremix.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/notes.coremix.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/notes.coremix.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1663"}],"version-history":[{"count":4,"href":"https:\/\/notes.coremix.net\/index.php?rest_route=\/wp\/v2\/posts\/1663\/revisions"}],"predecessor-version":[{"id":1667,"href":"https:\/\/notes.coremix.net\/index.php?rest_route=\/wp\/v2\/posts\/1663\/revisions\/1667"}],"wp:attachment":[{"href":"https:\/\/notes.coremix.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1663"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/notes.coremix.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1663"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/notes.coremix.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1663"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}