{"componentChunkName":"component---node-modules-arcblock-gatsby-theme-docs-src-templates-documentation-js","path":"/zh/misc/generate-wildcard-https-certificate","result":{"data":{"file":{"changeTime":"5 minutes ago","childMarkdownRemark":{"frontmatter":{"author":"zhenqiang","category":"","date":null,"description":"生成通配符 HTTPS 证书","draft":null,"keywords":"https","language":"zh","layout":"documentation","path":"/zh/misc/generate-wildcard-https-certificate","tags":["abtnode"],"title":"生成通配符 HTTPS 证书"},"htmlAst":{"type":"root","children":[{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"如果需要为每一个 Blocklet 配置一个子域名，并且都在相同的二级域名下。那么可以为这些子域名生成通配符证书。比如说，假如我们这些 Blocklet 的二级域名都是 "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"arcblockio.cn"}]},{"type":"text","value":", 那么我们可以生成一个域名为 "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"*.arcblockio.cn"}]},{"type":"text","value":" 的证书。"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"本文介绍如何在 CentOS 系统中，使用 "},{"type":"element","tagName":"a","properties":{"href":"https://certbot.eff.org/"},"children":[{"type":"text","value":"Certbot"}]},{"type":"text","value":" 和阿里云 DNS 生成一个 "},{"type":"element","tagName":"a","properties":{"href":"https://letsencrypt.org/"},"children":[{"type":"text","value":"Let’s Encrypt’s"}]},{"type":"text","value":" 通配符证书。"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h2","properties":{"id":"注意","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#%E6%B3%A8%E6%84%8F","ariaLabel":"注意 permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"注意"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"*.arcblockio.cn"}]},{"type":"text","value":" 只会匹配像这样的域名："}]},{"type":"text","value":"\n"},{"type":"element","tagName":"ul","properties":{},"children":[{"type":"text","value":"\n"},{"type":"element","tagName":"li","properties":{},"children":[{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"a.arcblockio.cn"}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"li","properties":{},"children":[{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"b.arcblockio.cn"}]}]},{"type":"text","value":"\n"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"不会匹配更多级域名，比如："}]},{"type":"text","value":"\n"},{"type":"element","tagName":"ul","properties":{},"children":[{"type":"text","value":"\n"},{"type":"element","tagName":"li","properties":{},"children":[{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"c.a.arcblockio.cn"}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"li","properties":{},"children":[{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"d.a.arcblockio.cn"}]}]},{"type":"text","value":"\n"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h2","properties":{"id":"安装-certbot","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#%E5%AE%89%E8%A3%85-certbot","ariaLabel":"安装 certbot permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"安装 Certbot"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"因为 Certbot 的官方插件列表中没有阿里云 DNS, 所以这里只安装 certbot, DNS 需要手动配置一下。"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"pre","properties":{},"children":[{"type":"element","tagName":"code","properties":{"className":["language-bash"],"yum":"","install":"","certbot":""},"children":[{"type":"text","value":"sudo yum install certbot\n"}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"其它平台的安装方式可以在"},{"type":"element","tagName":"a","properties":{"href":"https://certbot.eff.org/"},"children":[{"type":"text","value":"官网"}]},{"type":"text","value":"找到。"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h2","properties":{"id":"手动生成证书","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#%E6%89%8B%E5%8A%A8%E7%94%9F%E6%88%90%E8%AF%81%E4%B9%A6","ariaLabel":"手动生成证书 permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"手动生成证书"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"我们选择生成独立的证书，而不是直接和 Web 服务绑定，所以我们需要在命令行中指定 "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"certonly"}]},{"type":"text","value":" 和 "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"--manual"}]},{"type":"text","value":":"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"1-执行命令","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#1-%E6%89%A7%E8%A1%8C%E5%91%BD%E4%BB%A4","ariaLabel":"1 执行命令 permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"1. 执行命令"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"pre","properties":{},"children":[{"type":"element","tagName":"code","properties":{"className":["language-bash"],"certbot":"","certonly":"","--manual":"","-d":"","'*.arcblockio.cn'":"","arcblockio.cn":"","--preferred-challenges":"","dns-01":"","--server":"","https://acme-v02.api.letsencrypt.org/directory":""},"children":[{"type":"text","value":"sudo certbot certonly --manual -d '*.arcblockio.cn' -d arcblockio.cn --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory\n"}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"ul","properties":{},"children":[{"type":"text","value":"\n"},{"type":"element","tagName":"li","properties":{},"children":[{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"-d"}]},{"type":"text","value":": 这里指定了两个值: "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"*.arcblockio.cn, arcblockio.cn"}]},{"type":"text","value":", 如果只设置了 "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"*.arcblockio.cn"}]},{"type":"text","value":", 那么域名 "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"www.arcblockio.cn"}]},{"type":"text","value":" 不会生效"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"li","properties":{},"children":[{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"--preferred-challenges"}]},{"type":"text","value":": 使用 dns 的方式进程域名的认证"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"li","properties":{},"children":[{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"--server"}]},{"type":"text","value":": 默认会使用 Let’s Encrypt’s 的生产服务器，如果是测试的话，且生成的证书比较多，可以使用该参数指定为测试服务器: "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"--server https://acme-staging-v02.api.letsencrypt.org/directory"}]}]},{"type":"text","value":"\n"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"2-输入邮箱，用来接收更新和安全通知","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#2-%E8%BE%93%E5%85%A5%E9%82%AE%E7%AE%B1%EF%BC%8C%E7%94%A8%E6%9D%A5%E6%8E%A5%E6%94%B6%E6%9B%B4%E6%96%B0%E5%92%8C%E5%AE%89%E5%85%A8%E9%80%9A%E7%9F%A5","ariaLabel":"2 输入邮箱，用来接收更新和安全通知 permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"2. 输入邮箱，用来接收更新和安全通知"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-wrapper"],"style":"position: relative; display: block; margin-left: auto; margin-right: auto; max-width: 920px; "},"children":[{"type":"text","value":"\n      "},{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-background-image"],"style":"padding-bottom: 19.2%; position: relative; bottom: 0; left: 0; background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAECAYAAACOXx+WAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAy0lEQVQY001O6Q6CYAzjYTwBjVGRWxTh4/ADxTtR3/8x6jZj4o+mTbd1NVR5Rl502OUHbNKGoJFs9yjrC7wgJ61Fy5x0tK5EV/srVHlCnNQI4xIRwXFTGIrCan2VpSAqkGat6KKiR6oT/oEDMnXEfJlgOoswm69FW7aH/nCB4diB0bQP6OaO7vyCbu84Xd44dk85ZI8faNrhwFrfxF84W/ihosAYvcE3aGSuBMZv4PqZ1OaW7PGSNfEwtlxiX9i0GR7saUANQ/H/wxgfZJ6LYQWJwjMAAAAASUVORK5CYII='); background-size: cover; display: block;"},"children":[]},{"type":"text","value":"\n  "},{"type":"element","tagName":"img","properties":{"className":["gatsby-resp-image-image"],"alt":"email","title":"email","src":"/abtnode/static/9f2b2293ccfe9b5b5401cb4f0df95469/7132d/email.png","srcSet":["/abtnode/static/9f2b2293ccfe9b5b5401cb4f0df95469/41b2e/email.png 250w","/abtnode/static/9f2b2293ccfe9b5b5401cb4f0df95469/36a81/email.png 500w","/abtnode/static/9f2b2293ccfe9b5b5401cb4f0df95469/7132d/email.png 920w"],"sizes":["(max-width:","920px)","100vw,","920px"],"style":"width:100%;height:100%;margin:0;vertical-align:middle;position:absolute;top:0;left:0;","loading":"lazy"},"children":[]},{"type":"text","value":"\n    "}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"3-同意协议","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#3-%E5%90%8C%E6%84%8F%E5%8D%8F%E8%AE%AE","ariaLabel":"3 同意协议 permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"3. 同意协议"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"需要同意一些协议："}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-wrapper"],"style":"position: relative; display: block; margin-left: auto; margin-right: auto; max-width: 910px; "},"children":[{"type":"text","value":"\n      "},{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-background-image"],"style":"padding-bottom: 80.4%; position: relative; bottom: 0; left: 0; background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAQCAYAAAAWGF8bAAAACXBIWXMAAAsTAAALEwEAmpwYAAACOUlEQVQ4y4VU2ZLaQAz0xyQsu9yHMZcx2GBjfIBZskd2q/L/X9FRazyUK7VJHlTSaMayutUzzmabYeUf4Qcp1ptU/WqdiD+puV6Ibn8htsRgtMZw7GM48jGabGTtoz80Oe63n2ZwztVPJOkzivINl+sHTvkLqusnmKdlsi4v79jHF5yyH/efrPwEMy/CxN1ivtijN1ii1Z7CWUo3s3mkXTKmMeYHJk4QCAoWYmettlvbFA+Prhpjdqcd+hsDlTAXq1hhcYMH7SH7Ie2x493zj51ZIzZ5Z+LuMJ4GwkmgfjgWboQX8sPi/TpW7sR6g1Udb3Rf90YmrwXz4hVH4TA93ZAKR+RJc7K2eebsfny8anx7+YU4qZRbcj5fHvD9YQKHA2Ey2GU4yIEwKtWi/RnbMEd0OGMXFghlzRy9Pbs/XGRdYrvL4clgiMahTCid5TrGIa6UT/6NxcirFowKWRdaiGf5A0K0kFmIMqJ0nKSGwL+7s1B5pBTIS3Mwfw7qK+O+Uz1/4lJ9IBcdZsIdPXWXl6/C0VVl05TF/wo7lgPCIuHUHmGTI8IeyTRtwaZ8/mZOpzfHU9cYOaDv9BZ3o9aYo6fWzFmvznn3b5nTDlUK0k2a3bQjSsReRXZJGtJaNuX5HcX5TQdlc5QYkVEZLOqYB8E8BJxqIPAZc6KETyqajwdRdHvmseCkLRI+INqhuSFbvfC8NcZv9X5TWyxGaN9aYxXuv/jTgnYgQe35N8ujdnPndd7g62sjz78BcCsbz6aAGzEAAAAASUVORK5CYII='); background-size: cover; display: block;"},"children":[]},{"type":"text","value":"\n  "},{"type":"element","tagName":"img","properties":{"className":["gatsby-resp-image-image"],"alt":"agreements","title":"agreements","src":"/abtnode/static/ccefb01a7cf555bd99672d8a4e604da1/48853/agreements.png","srcSet":["/abtnode/static/ccefb01a7cf555bd99672d8a4e604da1/41b2e/agreements.png 250w","/abtnode/static/ccefb01a7cf555bd99672d8a4e604da1/36a81/agreements.png 500w","/abtnode/static/ccefb01a7cf555bd99672d8a4e604da1/48853/agreements.png 910w"],"sizes":["(max-width:","910px)","100vw,","910px"],"style":"width:100%;height:100%;margin:0;vertical-align:middle;position:absolute;top:0;left:0;","loading":"lazy"},"children":[]},{"type":"text","value":"\n    "}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"4-验证域名","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#4-%E9%AA%8C%E8%AF%81%E5%9F%9F%E5%90%8D","ariaLabel":"4 验证域名 permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"4. 验证域名"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Certbot 会要求在 DNS 服务器配置两个 TXT 记录："}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-wrapper"],"style":"position: relative; display: block; margin-left: auto; margin-right: auto; max-width: 888px; "},"children":[{"type":"text","value":"\n      "},{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-background-image"],"style":"padding-bottom: 67.60000000000001%; position: relative; bottom: 0; left: 0; background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAOCAYAAAAvxDzwAAAACXBIWXMAAAsTAAALEwEAmpwYAAAB6klEQVQ4y4WT63LaQAyF/SxpCEm4mjv4hjHGYHNLaNNpp+//Gqo+mWU6SdP+0KxWqz17dKT11vlZiu2r5MWLZOuTrct0L+nqIOvNWVbro/kbjfvDWAajRDq9hTy1pvLcntar+TMzL0p2gnEpineyXO0liLYyD3Jbg6hQfyNhvJXJLJPpfC3t7kIeHkfSfBp/MG++yA2Iy4ByEYB4WRoAj7FvdebypeFLozn8FKwG1ORFWChAJQv1Z8qA/UwfStJK3Dnl8zgl/ss8ksOoLidUpljPj0wXWLU6M7N2t/adbp8COjEfnycGgA91yvrTXKkYuVyuV2dXQLq6q77JtvxqZRW7i6yyo2T5Sbt/sRg+OaNJKuPpSrr94Ab6gaFpp2Wn2UHipDQtaRLdpFFIYDqqMTKA0mWqANTZrSmIz2UuBNdmOCaMDHHH6u7eN6PbToZGcyT3D4ObFB6Da+VpqcZSGbKnVORIdE/O8fTDzgGn2/4wMcasEOr0gpphdfius1ZKtX8z0I3+GvQsdU/sdP4p1eHNAHlgr/kvl1+mKfkHjZfq9wexsfRgAiBfCyb5dUU3kmBh2o1TGY6XOlKh+chCnBxiTkePIIn9QWT0SWTvRum9MSJ/izGf9pfRA+EBqn9MaVohOAn/+xnv7TeXX9HUOHgm3QAAAABJRU5ErkJggg=='); background-size: cover; display: block;"},"children":[]},{"type":"text","value":"\n  "},{"type":"element","tagName":"img","properties":{"className":["gatsby-resp-image-image"],"alt":"verify dns","title":"verify dns","src":"/abtnode/static/ccec990ce737921305c28a753d0fcfeb/cc70e/verify-dns.png","srcSet":["/abtnode/static/ccec990ce737921305c28a753d0fcfeb/41b2e/verify-dns.png 250w","/abtnode/static/ccec990ce737921305c28a753d0fcfeb/36a81/verify-dns.png 500w","/abtnode/static/ccec990ce737921305c28a753d0fcfeb/cc70e/verify-dns.png 888w"],"sizes":["(max-width:","888px)","100vw,","888px"],"style":"width:100%;height:100%;margin:0;vertical-align:middle;position:absolute;top:0;left:0;","loading":"lazy"},"children":[]},{"type":"text","value":"\n    "}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"可以使用 "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"host"}]},{"type":"text","value":" 命令校验记录是否生效了："}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-wrapper"],"style":"position: relative; display: block; margin-left: auto; margin-right: auto; max-width: 1000px; "},"children":[{"type":"text","value":"\n      "},{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-background-image"],"style":"padding-bottom: 13.600000000000001%; position: relative; bottom: 0; left: 0; background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAADCAYAAACTWi8uAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAqklEQVQI122OSQ6CQBREOYtT3CiKIoMK0nSjIkNLNEG5/zmedK9dvPxK/VSlHC8p8ULFOkpYpSkbJXBFhuuf2fkpQSTZHzIWyz3T+dYymW3/aM9e5970NM+BSve074H69aXqemr9QXcD5eONyBv8QJDlNVJp1PVJLluEbChuHarQXLLKek4UK5K05Hi6Eh8Li38QREaPXhBKq8NxqRyDBlNgwrbMlKvWYn4/ScJoq9UN9AoAAAAASUVORK5CYII='); background-size: cover; display: block;"},"children":[]},{"type":"text","value":"\n  "},{"type":"element","tagName":"img","properties":{"className":["gatsby-resp-image-image"],"alt":"dns txt record","title":"dns txt record","src":"/abtnode/static/1ee513365c87bbaf60d5ddd3d331ed33/ea415/dns-txt.png","srcSet":["/abtnode/static/1ee513365c87bbaf60d5ddd3d331ed33/41b2e/dns-txt.png 250w","/abtnode/static/1ee513365c87bbaf60d5ddd3d331ed33/36a81/dns-txt.png 500w","/abtnode/static/1ee513365c87bbaf60d5ddd3d331ed33/ea415/dns-txt.png 1000w","/abtnode/static/1ee513365c87bbaf60d5ddd3d331ed33/b3d91/dns-txt.png 1023w"],"sizes":["(max-width:","1000px)","100vw,","1000px"],"style":"width:100%;height:100%;margin:0;vertical-align:middle;position:absolute;top:0;left:0;","loading":"lazy"},"children":[]},{"type":"text","value":"\n    "}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"在 DNS 记录生效以后，再按"},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"确认"}]},{"type":"text","value":"键确认生成证书。"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"em","properties":{},"children":[{"type":"text","value":"阿里云 DNS 解析不能为一个记录添加多个值，所以只能添加两个相同的 TXT 记录(\\"}]},{"type":"text","value":"acme-challenge.arcblockio.cn)_"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"5-生成证书","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#5-%E7%94%9F%E6%88%90%E8%AF%81%E4%B9%A6","ariaLabel":"5 生成证书 permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"5. 生成证书"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"生成好的证书放在了 "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"/etc/letsencrypt/live/[域名]"}]},{"type":"text","value":" 目录中:"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-wrapper"],"style":"position: relative; display: block; margin-left: auto; margin-right: auto; max-width: 1000px; "},"children":[{"type":"text","value":"\n      "},{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-background-image"],"style":"padding-bottom: 11.6%; position: relative; bottom: 0; left: 0; background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAACCAYAAABYBvyLAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAhElEQVQI1x2Myw6CMBRE+RNXxrihxBiNtgWLXEpfBBTU//+R8dLdzJlHEccfYvpCNx5dP+GuLAa/gFgbO2PXz9i7BeXF4CYJ1r3hw4oQPyDO7fDK7Mx5WSkUGyAeqdqhown1I8DxYDskPhZ+xYE7x2sLISSkHtCYANOm3FXszTNlVp00/sh5R9uccy0dAAAAAElFTkSuQmCC'); background-size: cover; display: block;"},"children":[]},{"type":"text","value":"\n  "},{"type":"element","tagName":"img","properties":{"className":["gatsby-resp-image-image"],"alt":"certificates","title":"certificates","src":"/abtnode/static/7e8a49a1c2d9b276be5e3db62f9f702a/ea415/certificates.png","srcSet":["/abtnode/static/7e8a49a1c2d9b276be5e3db62f9f702a/41b2e/certificates.png 250w","/abtnode/static/7e8a49a1c2d9b276be5e3db62f9f702a/36a81/certificates.png 500w","/abtnode/static/7e8a49a1c2d9b276be5e3db62f9f702a/ea415/certificates.png 1000w","/abtnode/static/7e8a49a1c2d9b276be5e3db62f9f702a/2ee20/certificates.png 1113w"],"sizes":["(max-width:","1000px)","100vw,","1000px"],"style":"width:100%;height:100%;margin:0;vertical-align:middle;position:absolute;top:0;left:0;","loading":"lazy"},"children":[]},{"type":"text","value":"\n    "}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"6-举例：在-nginx-中配置证书","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#6-%E4%B8%BE%E4%BE%8B%EF%BC%9A%E5%9C%A8-nginx-%E4%B8%AD%E9%85%8D%E7%BD%AE%E8%AF%81%E4%B9%A6","ariaLabel":"6 举例：在 nginx 中配置证书 permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"6. 举例：在 Nginx 中配置证书"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"pre","properties":{},"children":[{"type":"element","tagName":"code","properties":{"className":["language-nginx"]},"children":[{"type":"text","value":"server {\n    server_name abtnode.arcblockio.cn;\n    listen 443 http2 ssl;\n    ssl on;\n    ssl_certificate /etc/letsencrypt/live/arcblockio.cn/fullchain.pem;\n    ssl_certificate_key /etc/letsencrypt/live/arcblockio.cn/privkey.pem;\n\n    location / {\n      proxy_pass http://127.0.0.1:8080;\n    }\n}\n"}]}]}],"data":{"quirksMode":false}}}}},"pageContext":{"site":{"title":"ABT Node","description":"ABT Node Documentation","siteUrl":"https://docs.arcblock.io","logoUrl":"/abtnode/","sidebarWidth":360,"disableI18n":false,"showGetStarted":true,"defaultBanner":"/abtnode/og-banner.png"},"id":"4dd0b843-b6b5-5f5d-96df-394122cd579c","language":"zh","locale":"zh","languages":[{"value":"en","text":"English"},{"value":"zh","text":"简体中文"}],"headings":[{"value":"注意","depth":2},{"value":"安装 Certbot","depth":2},{"value":"手动生成证书","depth":2},{"value":"1. 执行命令","depth":3},{"value":"2. 输入邮箱，用来接收更新和安全通知","depth":3},{"value":"3. 同意协议","depth":3},{"value":"4. 验证域名","depth":3},{"value":"5. 生成证书","depth":3},{"value":"6. 举例：在 Nginx 中配置证书","depth":3}],"navItems":[{"group":"/home/runner/work/abtnode-docs/abtnode-docs/src","title":"ABT Node","priority":999,"link":"/"}],"version":"v0.2.20","official":true,"originalPath":"/zh/misc/generate-wildcard-https-certificate","sidebarContent":[{"url":null,"title":null,"pages":[{"title":"ABT Node 文档","path":"/zh/"}]},{"url":"/zh/introduction","title":"节点入门","pages":[{"title":"节点功能概览","path":"/zh/introduction/abtnode-overview"},{"title":"如何获取 ABT 节点","path":"/zh/introduction/abtnode-setup"},{"title":"配置并启动 ABT 节点","path":"/zh/introduction/abtnode-access"}]},{"url":"/zh/marketplace","title":"应用市场","pages":[{"title":"查找和安装 Blocklet","path":"/zh/marketplace/find-and-install"},{"title":"升级或降级 Blocklet","path":"/zh/marketplace/upgrade-downgrade"}]},{"url":"/zh/blocklet","title":"应用管理","pages":[{"title":"基本管理操作","path":"/zh/blocklet/basic-operations"},{"title":"环境变量管理","path":"/zh/blocklet/environments"},{"title":"核心 Blocklets","path":"/zh/blocklet/core-blocklets"}]},{"url":"/zh/router","title":"路由管理","pages":[{"title":"什么是路由","path":"/zh/router/what-is-router"},{"title":"路由的基本用法","path":"/zh/router/basic-usage"},{"title":"给站点绑定域名以及启用 SSL","path":"/zh/router/bind-domain-and-ssl"},{"title":"localhost 证书","path":"/zh/router/certificates-for-localhost"}]},{"url":"/zh/deployment","title":"生产环境指南","pages":[{"title":"部署最佳实践","path":"/zh/deployment/best-practice"},{"title":"在 AWS 上部署","path":"/zh/deployment/from-aws-ami"},{"title":"运行在反向代理","path":"/zh/deployment/behind-reverse-proxy"},{"title":"在 Docker 中运行","path":"/zh/deployment/run-in-docker"}]},{"url":"/zh/misc","title":"其他功能","pages":[{"title":"节点配置","path":"/zh/misc/node-settings"},{"title":"成员管理","path":"/zh/misc/member-management"},{"title":"GraphQL 试验台","path":"/zh/misc/graphql-console"}]},{"url":"/zh/developer","title":"开发者指南","pages":[{"title":"配置开发环境","path":"/zh/developer/config-dev-env"},{"title":"ABT 节点 cli 工具","path":"/zh/developer/abtnode-cli"},{"title":"节点配置","path":"/zh/developer/configuration"},{"title":"节点存储目录详解","path":"/zh/developer/storage-structure"},{"title":"Blocklet 规范","path":"/zh/developer/blocklet-spec"},{"title":"创建静态 Blocklets","path":"/zh/developer/static-blocklets"},{"title":"创建 DApp Blocklets","path":"/zh/developer/dapp-blocklets"},{"title":"Blocklet 生命周期钩子","path":"/zh/developer/blocklet-hooks"},{"title":"打包 Blocklet","path":"/zh/developer/bundle-blocklets"},{"title":"发布 Blocklet","path":"/zh/developer/publish-blocklets"},{"title":"Blocklet 仓库","path":"/zh/developer/blocklet-registry"},{"title":"在 Codespaces 中开发 Blocklets","path":"/zh/developer/blocklet-codespaces"},{"title":"为 Blocklet 配置 Auth Service","path":"/zh/developer/auth-service"},{"title":"可组合的 Blocklet","path":"/zh/developer/composable-blocklet"},{"title":"Docker 镜像源列表","path":"/zh/developer/docker-registry"}]}],"communityPath":"https://community.arcblockio.cn","githubUrl":"https://github.com/ArcBlock/abtnode-docs/tree/master/src/misc/generate-wildcard-https-certificate/index.zh.md"}},"staticQueryHashes":["1358860651","1619896071","1812186216","2194038815"]}