{"id":1304,"date":"2023-12-26T09:10:35","date_gmt":"2023-12-26T01:10:35","guid":{"rendered":"https:\/\/nas1.xyz1943.net\/wordpress\/?p=1304"},"modified":"2023-12-26T09:10:35","modified_gmt":"2023-12-26T01:10:35","slug":"acme-%e9%a9%97%e8%ad%89%e6%96%b9%e5%bc%8f-lets-encrypt-%e5%85%8d%e8%b2%bb%e7%9a%84-ssl-tls-%e6%86%91%e8%ad%89","status":"publish","type":"post","link":"https:\/\/nas1.xyz1943.net\/wordpress\/2023\/12\/26\/acme-%e9%a9%97%e8%ad%89%e6%96%b9%e5%bc%8f-lets-encrypt-%e5%85%8d%e8%b2%bb%e7%9a%84-ssl-tls-%e6%86%91%e8%ad%89\/","title":{"rendered":"ACME \u9a57\u8b49\u65b9\u5f0f – Let’s Encrypt – \u514d\u8cbb\u7684 SSL\/TLS \u6191\u8b49"},"content":{"rendered":"

\u76ee\u524d Let’s encrypt HTTP \u6a21\u5f0f
\n\u9a57\u8b49\u6642\u4e00\u5b9a\u8981\u958b\u653e\u7533\u8acb\u7db2\u57df\u7684 80 port(\u4e0d\u80fd\u8b8a\u66f4)
\n\u4e26\u5c07\u6307\u5b9a\u7684\u8def\u5f91\u653e\u4e0a token \u6a94\u6848
\n\u5982\u679c\u5f9e\u8a2d\u5099\u63d0\u4f9b 80 port \u7db2\u9801
\n\u524d\u7aef\u8a2d\u5099\u4e5f\u8981\u914d\u5408\u8abf\u6574\u958b\u653e
\n\u5982\u679c\u7db2\u57df\u539f\u672c\u5c31\u6709web \u53ef\u80fd\u6703\u6709\u53e6\u5916\u7684\u554f\u984c<\/p>\n

\u53e6\u5916HTTP \u8207 DNS \u4e00\u500b\u6eff\u91cd\u8981\u7684\u5dee\u7570
\nHTTP \u6a21\u5f0f\u4e0d\u80fd\u7533\u8acb\u842c\u7528\u7db2\u57df (EX: *.abc.com.tw)<\/p>\n

———————————————————-<\/p>\n

\u4f60\u5f9e Let\u2019s Encrypt \u53d6\u5f97\u6191\u8b49\u6642\uff0c\u6211\u5011\u7684\u4f3a\u670d\u5668\u6703\u4f7f\u7528 ACME \u6a19\u6e96\u4e0b\u6240\u5236\u5b9a\u7684”\u8003\u9a57”\uff0c\u4f86\u9a57\u8b49\u4f60\u662f\u5426\u64c1\u6709\u4f60\u6240\u7533\u8acb\u7684\u7db2\u57df\u3002\u5927\u591a\u60c5\u6cc1\u4e0b\uff0c\u9a57\u8b49\u904e\u7a0b\u90fd\u662f\u7531 ACME \u5ba2\u6236\u7aef\u81ea\u52d5\u5b8c\u6210\u7684\uff0c\u4e0d\u904e\u5982\u679c\u4f60\u60f3\u8981\u4e00\u4e9b\u66f4\u8907\u96dc\u7684\u8a2d\u5b9a\uff0c\u6211\u5011\u5efa\u8b70\u4f60\u4e86\u89e3\u66f4\u591a\u6709\u95dc\u9a57\u8b49\u7684\u6a5f\u5236\u3002\u5982\u679c\u4f60\u4e0d\u78ba\u5b9a\u8a72\u4f7f\u7528\u54ea\u500b\u9a57\u8b49\u65b9\u5f0f\uff0c\u8acb\u4f7f\u7528\u4f60 ACME \u5ba2\u6236\u7aef\u7684\u9810\u8a2d\u9078\u9805\uff0c\u6216\u4f7f\u7528 HTTP-01 \u8003\u9a57\u3002HTTP-01 \u8003\u9a57 \u9019\u662f\u73fe\u4eca\u6700\u5e38\u898b\u7684\u4e00\u7a2e\u9a57\u8b49\u65b9\u5f0f\u3002Let\u2019s Encrypt \u7d66\u4e88 ACME \u5ba2\u6236\u7aef\u4e00\u500b token\uff0c\u8acb ACME \u5ba2\u6236\u7aef\u5c07\u5305\u542b token \u548c\u5e33\u865f\u91d1\u9470\u6307\u7d0b\u7684\u6a94\u6848\uff0c\u653e\u5230\u7db2\u9801\u4f3a\u670d\u5668\u4e2d http:\/\/\/.well-known\/acme-challenge\/ \u7684\u4f4d\u7f6e\u3002\u7576 ACME \u5ba2\u6236\u7aef\u901a\u77e5 Let\u2019s Encrypt \u9019\u500b\u6a94\u6848\u5df2\u7d93\u653e\u7f6e\u5b8c\u6210\uff0cLet\u2019s Encrypt \u5c31\u6703\u8a66\u8457\u53d6\u5f97\u5b83\uff08\u53ef\u80fd\u6703\u5f9e\u591a\u500b\u4e3b\u6a5f\u5617\u8a66\u53d6\u5f97\u6578\u6b21\uff09\u3002\u5982\u679c\u6211\u5011\u80fd\u5f9e\u4f60\u7684\u7db2\u9801\u4f3a\u670d\u5668\u53d6\u5f97\u6a94\u6848\u4e26\u9a57\u8b49\u5176\u5167\u5bb9\uff0c\u4f60\u5c31\u901a\u904e\u4e86\u9019\u500b\u8003\u9a57\uff0c\u4f60\u53ef\u4ee5\u63a5\u8457\u5411\u6211\u5011\u7533\u8acb\u6191\u8b49\u9812\u767c\u3002\u5982\u679c\u6211\u5011\u7684\u9a57\u8b49\u5931\u6557\uff0c\u4f60\u5c31\u5fc5\u9808\u91cd\u4f86\u4e00\u6b21\u3002\u6211\u5011\u9a57\u8b49 HTTP-01 \u6642\uff0c\u63a5\u53d7\u6700\u591a 10 \u6b21\u91cd\u65b0\u5c0e\u5411\uff0c\u4e26\u4e14\u53ea\u63a5\u53d7\u5f9e \u201chttp:\u201d \u5c0e\u5411\u5230 \u201chttps:\u201d \u8207\u901a\u8a0a\u57e0 80 \u5c0e\u5411\u5230\u901a\u8a0a\u57e0 443\uff0c\u4e0d\u63a5\u53d7 IP \u4f4d\u5740\u7684\u91cd\u65b0\u5c0e\u5411\u3002\u7576\u6211\u5011\u88ab\u91cd\u65b0\u5c0e\u5411\u5230 HTTPS \u5f8c\uff0c\u6211\u5011\u4e0d\u6703\u9a57\u8b49\u6191\u8b49\u662f\u5426\u6709\u6548\uff08\u56e0\u70ba\u9a57\u8b49\u7684\u76ee\u7684\u662f\u7533\u8acb\u6709\u6548\u6191\u8b49\uff0c\u6240\u4ee5\u53ef\u80fd\u6703\u9047\u5230\u81ea\u7c3d\u6191\u8b49\u6216\u662f\u904e\u671f\u6191\u8b49\uff09\u3002HTTP-01 \u53ea\u80fd\u53ea\u80fd\u900f\u904e\u901a\u8a0a\u57e0 80 \u4f86\u5b8c\u6210\uff1b\u8b93 ACME \u5ba2\u6236\u7aef\u4f7f\u7528\u4efb\u610f\u901a\u8a0a\u57e0\u9032\u884c\u9a57\u8b49\uff0c\u53ef\u80fd\u6703\u5c0e\u81f4\u5b89\u5168\u6027\u554f\u984c\uff0c\u6240\u4ee5 ACME \u6a19\u6e96\u4e2d\u4e0d\u5141\u8a31\u9019\u6a23\u7684\u9a57\u8b49\u884c\u70ba\u3002\u512a\u9ede\uff1a \u5728\u4e0d\u9700\u8981\u4e86\u89e3\u8a2d\u5b9a\u7db2\u57df\u7684\u984d\u5916\u77e5\u8b58\u4e0b\uff0c\u8f15\u9b06\u7684\u5b8c\u6210\u81ea\u52d5\u9a57\u8b49 \u5141\u8a31\u4e3b\u6a5f\u6216\u670d\u52d9\u63d0\u4f9b\u696d\u8005\u900f\u904e CNAME \u7d00\u9304\u7533\u8acb\u6191\u8b49 \u9069\u7528\u65bc\u591a\u6578\u73fe\u6210\u7684\u7db2\u9801\u4f3a\u670d\u5668 \u7f3a\u9ede\uff1a \u5982\u679c\u4f60\u7684\u7db2\u8def\u670d\u52d9\u696d\u8005 (ISP) \u963b\u64cb\u901a\u8a0a\u57e0 80\uff08\u9019\u7a2e\u60c5\u6cc1\u5f88\u5c11\u898b\uff0c\u4f46\u6709\u4e9b\u4f4f\u5b85\u5340\u7684 ISP \u6703\u9019\u9ebc\u505a\uff09\u90a3\u9ebc\u4f60\u5c31\u7121\u6cd5\u4f7f\u7528\u9019\u500b\u65b9\u5f0f\u9a57\u8b49 Let\u2019s Encrypt \u4e0d\u5141\u8a31\u4f60\u4f7f\u7528\u9019\u7a2e\u9a57\u8b49\u65b9\u5f0f\u9812\u767c\u842c\u7528\u6191\u8b49 \u5982\u679c\u4f60\u6709\u5f88\u591a\u500b\u7db2\u9801\u4f3a\u670d\u5668\uff0c\u4f60\u5fc5\u9808\u78ba\u4fdd\u9a57\u8b49\u6a94\u6848\u5728\u5404\u500b\u4f3a\u670d\u5668\u4e0a DNS-01 \u8003\u9a57 \u9019\u500b\u8003\u9a57\u6703\u8acb\u4f60\u5728\u7db2\u57df\u7684 TXT \u7d00\u9304\u4e2d\uff0c\u653e\u4e00\u6bb5\u7279\u5b9a\u7684\u6587\u5b57\uff0c\u4f86\u8b49\u660e\u4f60\u64c1\u6709\u6b64\u7db2\u57df\u7684 DNS \u63a7\u5236\u6b0a\u3002DNS-01 \u7684\u8a2d\u5b9a\u6b65\u9a5f\u6703\u6bd4 HTTP-01 \u56f0\u96e3\uff0c\u4f46\u662f\u5b83\u53ef\u4ee5\u5728 HTTP-01 \u7121\u6cd5\u4f7f\u7528\u7684\u60c5\u6cc1\u4e0b\u5b8c\u6210\u9a57\u8b49\u3002\u5b83\u4e5f\u5141\u8a31\u4f60\u7533\u8acb\u842c\u7528\u6191\u8b49\u3002<\/p><\/blockquote>\n

\u5167\u5bb9\u51fa\u8655: ACME \u9a57\u8b49\u65b9\u5f0f – Let’s Encrypt – \u514d\u8cbb\u7684 SSL\/TLS \u6191\u8b49<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

\u76ee\u524d Let’s encrypt HTTP \u6a21\u5f0f \u9a57\u8b49\u6642\u4e00\u5b9a\u8981\u958b\u653e\u7533 … \u95b1\u8b80\u5168\u6587 →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[20],"tags":[],"_links":{"self":[{"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/posts\/1304"}],"collection":[{"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/comments?post=1304"}],"version-history":[{"count":1,"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/posts\/1304\/revisions"}],"predecessor-version":[{"id":1305,"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/posts\/1304\/revisions\/1305"}],"wp:attachment":[{"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/media?parent=1304"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/categories?post=1304"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nas1.xyz1943.net\/wordpress\/wp-json\/wp\/v2\/tags?post=1304"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}