WeChat applet development uses letsencrypt.sh script to configure free https certificate for nginx under Centos 6.8.

Recently when I was developing WeChat mini program mall, I read the official api document and found that https is required.

wx.request(OBJECT)

wx.request initiates an HTTPS request.

So we started using the letsencrypt.sh script to configure free https (Let's Encrypt SSL certificate) for nginx under Centos 6.8.

1. Download letsencrypt.sh

# wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.conf
# wget https://raw.githubusercontent.com/xdtianyu/scripts/master/lets-encrypt/letsencrypt.sh

2. Modify the parameters of letsencrypt.conf file

# vim letsencrypt.conf
 
# only modify the values, key files will be generated automaticly.
ACCOUNT_KEY="letsencrypt-account.key" 
DOMAIN_KEY="mtian.net.key"
DOMAIN_DIR="/usr/local/nginx/html"  #网站的根目录
DOMAINS="DNS:mtian.net,DNS:www.mtian.net" #你的网站域名，多个域名用,号分隔
#ECC=TRUE
#LIGHTTPD=TRUE

3. Execute the file to generate the ssl certificate file required for https

添加执行权限并执行
# chmod +x letsencrypt.sh   
# ./letsencrypt.sh letsencrypt.conf  
 
运行完成后会在当前目录生成如下文件
letsencrypt-account.key  lets-encrypt-x3-cross-signed.pem  mtian.csr
letsencrypt.conf         mtian.chained.crt                 mtian.net.key
letsencrypt.sh           mtian.crt

5. Modify the nginx configuration file and add https

# vim /usr/local/nginx/conf/nginx.conf
 
 
    
    server {
        listen       443 ssl;
        server_name  www.mtian.net;
 
        ssl on;
         
        ssl_certificate /usr/local/nginx/conf/mtian.chained.crt;
        ssl_certificate_key /usr/local/nginx/conf/mtian.net.key;
 
 
        location / {
            root   html;
            index  index.html index.htm;
        }
    }

6. Copy the mtian.chained.crt and mtian.net.key files generated by letsencrypt.sh to the directory specified in nginx.conf/ usr/local/nginx/conf/

# cp  mtian.chained.crt /usr/local/nginx/conf/
# cp  mtian.net.key  /usr/local/nginx/conf/

7. Restart nginx

# service nginx restart
 
Stopping nginx:                                            [  OK  ]
Starting nginx:                                            [  OK  ]

8. Open the browser and visit https://www.mtian.net/. Both Firefox and Google can access it normally. And there is a green lock, https configuration is completed.

The above is the detailed content of WeChat applet development uses letsencrypt.sh script to configure free https certificate for nginx under Centos 6.8.. For more information, please follow other related articles on the PHP Chinese website!