1、 Download tool
wget https://dl.eff.org/certbot-auto
2、 Application ssl
./certbot-auto certonly -d "*.affgt.com" --manual --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
Replace "*.affgt.com" with your own domain name.
Then follow the diagram to fill in the mail and other information.Need to add DNS TXT, wait for parsing and then go down.
Note: Confirm the command to resolve to TXT:
dig -t txt _acme-challenge.affgt.com @8.8.8.8
If there is no dig command to use yum install:
yum install -y bind-utils
After parsing, return to the original terminal and press Enter1 to confirm.
3、 You can use the command to view the certificate information:
openssl x509 -in /etc/letsencrypt/live/affgt.com/cert.pem -noout -text
4、90 days renewal
certbot-auto renew
5、You can set ssl in the Nginx configuration file.
My original text is here: https://www.affgt.com/index.php/551/