Ubuntu 16.04 and later usually ship with snapd. If it is not yet installed on your system, it can be installed with the following command:

Install Certbot
Install Certbot with Snap to make sure you get the latest version:
sudo snap install --classic certbot

Prepare the Certbot command
Make sure the certbot command can be run by creating a symbolic link to it in the /usr/bin directory:
sudo ln -s /snap/bin/certbot /usr/bin/certbot

Example
rootmail:~# apt-get install cerbot
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Unable to locate package cerbot
rootmail:~# exit
logout
wqbboymail:~$ sudo apt-get install cerbot
[sudo] password for wqbboy:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Unable to locate package cerbot
wqbboymail:~$ sudo apt install snapd
[sudo] password for wqbboy:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
  zenity | kdialog
The following packages will be upgraded:
  snapd
1 upgraded, 0 newly installed, 0 to remove and 11 not upgraded.
Need to get 26.4 MB of archives.
After this operation, 2,134 kB of additional disk space will be used.
Get:1 http://cn.archive.ubuntu.com/ubuntu jammy-updates/main amd64 snapd d64 2.65.322.04 [26.4 MB]
Fetched 26.4 MB in 3s (9,407 kB/s)
(Reading database ... 89736 files and directories currently installed.)
Preparing to unpack .../snapd_2.65.322.04_amd64.deb ...
Unpacking snapd (2.65.322.04) over (2.6322.04ubuntu0.1) ...
Setting up snapd (2.65.322.04) ...
Installing new version of config file /etc/apparmor.d/usr.lib.snapd.snap-confine.real ...
snapd.failure.service is a disabled or a static unit not running, not starting it.
snapd.snap-repair.service is a disabled or a static unit not running, not starting it.
Processing triggers for dbus (1.12.20-2ubuntu4.1) ...
Processing triggers for mailcap (3.70nmu1ubuntu1) ...
Processing triggers for man-db (2.10.2-1) ...
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
Check the version
wqbboymail:~$ snap version
snap 2.65.322.04
snapd 2.65.322.04
series 16
ubuntu 22.04
kernel 5.15.0-124-generic
wqbboymail:~$ sudo snap install --classic certbot
certbot 2.11.0 from Certbot Project (certbot-eff✓) installed
wqbboymail:~$ ln -s /snap/bin/certbot /usr/bin/certbot
ln: failed to create symbolic link /usr/bin/certbot: Permission denied
wqbboymail:~$ sudo ln -s /snap/bin/certbot /usr/bin/certbot
[sudo] password for wqbboy:
wqbboymail:~$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Install openssl
wqbboymail:~$ sudo apt-get install openssl
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
openssl is already the newest version (3.0.2-0ubuntu1.18).
openssl set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 11 not upgraded.
wqbboymail:~$ cd /etc/nginx/
wqbboymail:/etc/nginx$ ls
conf-available modules-available sites-available.bak
conf.d modules-enabled sites-enabled
conf-enabled netdata.users sites-enabled.bak
fastcgi.conf nginx.conf snippets
fastcgi_params nginx.conf.2024.10.20.03.13.29 templates
koi-utf proxy_params uwsgi_params
koi-win scgi_params win-utf
mime.types sites-available
Generate the private key and the CSR (certificate signing request)
wqbboymail:/etc/nginx$ sudo openssl req -newkey rsa:2048 -nodes -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.csr
..........................................................*.......*...................................................................................................................................................................................................................................................................................................................
....................*.....*..................................................................................................................................................................................................................................................................................................................................................................................................................
req: Can't open /etc/nginx/ssl/nginx.key for writing, No such file or directory
wqbboymail:/etc/nginx$ sudo mkdir ssl
wqbboymail:/etc/nginx$ ls
conf-available modules-available sites-available.bak
conf.d modules-enabled sites-enabled
conf-enabled netdata.users sites-enabled.bak
fastcgi.conf nginx.conf snippets
fastcgi_params nginx.conf.2024.10.20.03.13.29 ssl
koi-utf proxy_params templates
koi-win scgi_params uwsgi_params
mime.types sites-available win-utf
wqbboymail:/etc/nginx$ sudo openssl req -newkey rsa:2048 -nodes -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.csr
..................................................................*.......................................................*..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
.......................................*.....*.........................................................................................................................................................................................
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:HUBEI
Locality Name (eg, city) []:XGS
Organization Name (eg, company) [Internet Widgits Pty Ltd]:GA
Organizational Unit Name (eg, section) []:ZHZX
Common Name (e.g. server FQDN or YOUR name) []:mail.xgpolice.com
Email Address []:
Please enter the following extra attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Generate the self-signed SSL certificate
wqbboymail:/etc/nginx$ sudo openssl x509 -req -days 3650 -in /etc/nginx/ssl/nginx.csr -signkey /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
Certificate request self-signature ok
subject=C = CN, ST = HUBEI, L = XGS, O = GA, OU = ZHZX, CN = mail.xgpolice.com
wqbboymail:/etc/nginx$ sudo vi /etc/nginx/sites-available/00-default
00-default.conf 00-default-ssl.conf
wqbboymail:/etc/nginx$ sudo vi /etc/nginx/sites-available/00-default
00-default.conf 00-default-ssl.conf
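wqbboymail:/etc/nginx$ sudo vi /etc/nginx/sites-available/00-default-ssl.conf
Let's create a new Nginx configuration snippet in the /etc/nginx/snippets directory.
To make the purpose of the file clear, we name it self-signed.conf.
In this file we only need to set the ssl_certificate directive to our certificate file and
ssl_certificate_key to the associated key. In our case it looks like this: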
wqbboymail:/etc/nginx$ sudo nano /etc/nginx/snippets/self-signed.conf
wqbboymail:/etc/nginx$ sudo cat /etc/nginx/snippets/self-signed.conf
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
wqbboymail:/etc/nginx$ ls
conf-available modules-available sites-available.bak
conf.d modules-enabled sites-enabled
conf-enabled netdata.users sites-enabled.bak
fastcgi.conf nginx.conf snippets
fastcgi_params nginx.conf.2024.10.20.03.13.29 ssl
koi-utf proxy_params templates
koi-win scgi_params uwsgi_params
mime.types sites-available win-utf
wqbboymail:/etc/nginx$ cd ssl
wqbboymail:/etc/nginx/ssl$ ls
nginx.crt nginx.csr nginx.key
wqbboymail:/etc/nginx/ssl$ cd /etc/nginx/sites-available
wqbboymail:/etc/nginx/sites-available$ ls
00-default.conf 00-default-ssl.conf
wqbboymail:/etc/nginx/sites-available$ sudo cp 00-default-ssl.conf 00-default-ssl.conf.bak
wqbboymail:/etc/nginx/sites-available$ ls
00-default.conf 00-default-ssl.conf 00-default-ssl.conf.bak
wqbboymail:/etc/nginx/sites-available$ sudo nano 00-default-ssl.conf
Adjust the Nginx configuration to use SSL
wqbboymail:/etc/nginx/sites-available$ cd ..
wqbboymail:/etc/nginx$ ls
conf-available modules-available sites-available.bak
conf.d modules-enabled sites-enabled
conf-enabled netdata.users sites-enabled.bak
fastcgi.conf nginx.conf snippets
fastcgi_params nginx.conf.2024.10.20.03.13.29 ssl
koi-utf proxy_params templates
koi-win scgi_params uwsgi_params
mime.types sites-available win-utf
wqbboymail:/etc/nginx$ ls
conf-available modules-available sites-available.bak
conf.d modules-enabled sites-enabled
conf-enabled netdata.users sites-enabled.bak
fastcgi.conf nginx.conf snippets
fastcgi_params nginx.conf.2024.10.20.03.13.29 ssl
koi-utf proxy_params templates
koi-win scgi_params uwsgi_params
mime.types sites-available win-utf
wqbboymail:/etc/nginx$ ls snippets/
fastcgi-php.conf self-signed.conf snakeoil.conf
wqbboymail:/etc/nginx$ ls ssl/
nginx.crt nginx.csr nginx.key
wqbboymail:/etc/nginx$ ls sites-available
00-default.conf 00-default-ssl.conf 00-default-ssl.conf.bak
wqbboymail:/etc/nginx$ cd sites-available
wqbboymail:/etc/nginx/sites-available$ ls
00-default.conf 00-default-ssl.conf 00-default-ssl.conf.bak
wqbboymail:/etc/nginx/sites-available$ sudo nano 00-default-ssl.conf
Configure Nginx to use the self-signed SSL certificate
wqbboymail:/etc/nginx/sites-available$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
wqbboymail:/etc/nginx/sites-available$ sudo systemctl restart nginx
wqbboymail:/etc/nginx/sites-available$
Change the paths of the SSL certificate's key and crt files in this file.
wqbboymail:/etc/nginx/sites-available$ sudo vi /etc/nginx/templates/ssl.tmpl
[sudo] password for wqbboy:
wqbboymail:/etc/nginx/sites-available$ sudo vi /etc/nginx/templates/ssl.tmpl
After the change, the nginx configuration needs to be reloaded.
wqbboymail:/etc/nginx/sites-available$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
wqbboymail:/etc/nginx/sites-available$ sudo nginx -s reload
wqbboymail:/etc/nginx/sites-available$ systemctl reload nginx
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to reload nginx.service.
Authenticating as: wqbboy
Password:
==== AUTHENTICATION COMPLETE ===
wqbboymail:/etc/nginx/sites-available$
Configure postfix
Edit the /etc/postfix/main.cf file to use the SSL certificate.
wqbboymail:/etc/nginx/sites-available$ sudo vi /etc/postfix/main.cf
wqbboymail:/etc/nginx/sites-available$ cat /etc/postfix/main.cf | grep smtpd
smtpd_tls_key_file = /etc/nginx/ssl/nginx.key
smtpd_tls_cert_file = /etc/nginx/ssl/nginx.crt
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_dh512_param_file = /etc/ssl/dh512_param.pem
smtpd_tls_dh1024_param_file = /etc/ssl/dh2048_param.pem
smtpd_tls_loglevel = 1
smtpd_tls_security_level = may
#smtpd_tls_received_header = yes
# Use the same CA file as smtpd.
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_command_filter = pcre:/etc/postfix/command_filter.pcre
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions =
smtpd_end_of_data_restrictions =
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_discard_ehlo_keywords = chunking
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions $sender_dependent_relayhost_maps
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
#smtpd_tls_auth_only = yes
smtpd_sender_login_maps =
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
wqbboymail:/etc/nginx/sites-available$ cat /etc/postfix/main.cf | grep smtpd_tls
smtpd_tls_key_file = /etc/nginx/ssl/nginx.key
smtpd_tls_cert_file = /etc/nginx/ssl/nginx.crt
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
smtpd_tls_dh512_param_file = /etc/ssl/dh512_param.pem
smtpd_tls_dh1024_param_file = /etc/ssl/dh2048_param.pem
smtpd_tls_loglevel = 1
smtpd_tls_security_level = may
#smtpd_tls_received_header = yes
#smtpd_tls_auth_only = yes
wqbboymail:/etc/nginx/sites-available$ sudo systemctl restart postfix
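A check of the smtpd TLS parameters listed above, as an added example that is not part of the original post: it parses main.cf syntax and reports when SASL AUTH would be accepted without TLS and when old protocol versions are not excluded. The function names and the SAMPLE excerpt are constructed, and per-service overrides in master.cf are not considered.

```shell
#!/bin/sh
# Added example. SAMPLE is a constructed main.cf excerpt using values shown
# above; the indented continuation line is added to exercise the parser.
SAMPLE='# constructed excerpt
smtpd_tls_key_file = /etc/nginx/ssl/nginx.key
smtpd_tls_cert_file = /etc/nginx/ssl/nginx.crt
smtpd_tls_protocols = !SSLv2 !SSLv3
    !TLSv1 !TLSv1.1
smtpd_tls_security_level = may
smtpd_sasl_auth_enable = yes
#smtpd_tls_auth_only = yes
'

# Print the value of parameter $2 in file $1, following main.cf rules: "#" and
# blank lines are skipped, indented lines continue, the last definition wins.
param() {
  awk -v want="$2" '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    /^[ \t]/ { if (cur != "") val[cur] = val[cur] " " trim($0); next }
    { eq = index($0, "="); if (eq == 0) next
      cur = trim(substr($0, 1, eq - 1)); val[cur] = trim(substr($0, eq + 1)) }
    END { print val[want] }' "$1"
}

# Print one finding per line for the smtpd TLS settings in file $1.
audit_smtpd_tls() {
  level=$(param "$1" smtpd_tls_security_level)
  if [ "$(param "$1" smtpd_sasl_auth_enable)" = yes ] && [ "$level" != encrypt ] &&
     [ "$(param "$1" smtpd_tls_auth_only)" != yes ]; then
    echo "AUTH-CLEARTEXT: SASL AUTH is accepted on connections without TLS"
  fi
  protos=" $(param "$1" smtpd_tls_protocols | tr ',' ' ') "
  case $protos in
    *">=TLSv1.2"*|*">=TLSv1.3"*) ;;   # Postfix 3.6+ minimum-version syntax
    *) for p in SSLv2 SSLv3 TLSv1 TLSv1.1; do
         case $protos in *" !$p "*) ;; *) echo "PROTOCOL: $p is not excluded" ;; esac
       done ;;
  esac
}

demo() {
  f=$(mktemp) && printf '%s' "$SAMPLE" > "$f"
  audit_smtpd_tls "$f"
  rm -f "$f"
}
demo
```

On the server, postconf prints every parameter in the same name = value form with defaults resolved, so its output can be saved to a file and passed to audit_smtpd_tls.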
Configure dovecot
Edit the /etc/dovecot/dovecot.conf file to use the SSL certificate.
wqbboymail:/etc/nginx/sites-available$ sudo vi /etc/dovecot/dovecot.conf
wqbboymail:/etc/nginx/sites-available$ cat /etc/dovecot/dovecot.conf | greep ssl_
Command 'greep' not found, did you mean:
  command 'grep' from deb grep (3.7-1build1)
  command 'greed' from deb greed (4.2-1)
Try: sudo apt install <deb name>
wqbboymail:/etc/nginx/sites-available$ cat /etc/dovecot/dovecot.conf | grep ssl_
ssl_min_protocol = TLSv1.2
#ssl_ca = </path/to/ca
ssl_cert = </etc/nginx/ssl/nginx.crt
ssl_key = </etc/nginx/ssl/nginx.key
ssl_dh = </etc/ssl/dh2048_param.pem
ssl_cipher_list = EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH
ssl_prefer_server_ciphers = yes
wqbboymail:/etc/nginx/sites-available$
Restart Dovecot
wqbboymail:/etc/nginx/sites-available$ sudo systemctl restart dovecot
wqbboymail:/etc/nginx/sites-available$
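The key and certificate generated earlier under /etc/nginx/ssl now back Nginx, Postfix and Dovecot. The following check is an added example, not part of the original post: it rebuilds a pair with the page's two-step flow in a temporary directory and reports whether the key matches the certificate, whether the host name is present as a subjectAltName (the two-step flow only sets the Common Name), and whether the key file is accessible beyond its owner. The host name mail.example.test, the function names and the temporary paths are assumptions; it needs OpenSSL 1.1.1 or later and GNU stat.

```shell
#!/bin/sh
# Added example; paths and host name are constructed, nothing touches /etc.

# SHA-256 of the public key in a certificate ($1 = cert) or private key ($1 = key).
pubkey_hash() {
  if [ "$1" = cert ]; then openssl x509 -in "$2" -noout -pubkey
  else openssl pkey -in "$2" -pubout; fi | openssl dgst -sha256 | awk '{print $NF}'
}

# Print one finding per line for certificate $1, private key $2, host name $3.
audit_pair() {
  [ "$(pubkey_hash cert "$1")" = "$(pubkey_hash key "$2")" ] ||
    echo "MISMATCH: private key does not belong to the certificate"
  openssl x509 -in "$1" -noout -text | tr ',' '\n' | sed 's/^ *//; s/ *$//' |
    grep -Fxq "DNS:$3" || echo "NO-SAN: no subjectAltName entry for $3"
  # GNU stat, as on Ubuntu: any group/other permission bit is a finding.
  [ $(( 0$(stat -c %a "$2") & 077 )) -eq 0 ] ||
    echo "KEY-MODE: private key is accessible to group or others"
}

# The page's two-step flow (CSR, then self-sign), made non-interactive with -subj.
make_page_style() {   # $1 = output prefix, $2 = host name
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$1.key" -out "$1.csr" 2>/dev/null &&
  openssl x509 -req -days 3650 -in "$1.csr" -signkey "$1.key" \
    -out "$1.crt" 2>/dev/null
}

# One-step variant that records the host name as a subjectAltName.
make_with_san() {     # $1 = output prefix, $2 = host name
  openssl req -x509 -newkey rsa:2048 -nodes -days 3650 -subj "/CN=$2" \
    -addext "subjectAltName=DNS:$2" -keyout "$1.key" -out "$1.crt" 2>/dev/null &&
  chmod 600 "$1.key"
}

demo() {
  d=$(mktemp -d) && h=mail.example.test
  make_page_style "$d/old" "$h" && chmod 644 "$d/old.key"   # simulate a loose mode
  make_with_san "$d/new" "$h"
  echo "page-style pair:"; audit_pair "$d/old.crt" "$d/old.key" "$h"
  echo "pair with SAN:";   audit_pair "$d/new.crt" "$d/new.key" "$h"
  echo "swapped key:";     audit_pair "$d/new.crt" "$d/old.key" "$h"
  rm -rf "$d"
}
demo
```

To check the files from this page, run audit_pair /etc/nginx/ssl/nginx.crt /etc/nginx/ssl/nginx.key mail.xgpolice.com as root.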