Ezinye iipakeji zokubamba ezabelwana ngazo nge-cPanel aziboneleli nge -AutoSSL – okanye kuphela kwizicwangciso ezibiza kakhulu. Ngenxa yoko, awunakukhupha isatifikethi sasimahla se-Let's Encrypt nge-interface ye-cPanel, kwaye zonke iidomeyini zinamathele kwisatifikethi esizityikitye ngokwazo . Isikhangeli sibonisa iphepha njengelithi "alikhuselekanga." Isisombululo: fumana isatifikethi ngokwakho usebenzisa i-acme.sh kwaye usifake nge-cPanel UAPI. Siza kuhlaziya ngokuzenzekelayo, ngaphandle kokufuna i-AutoSSL.
I-HTTPS ngoku iyimfuneko: okubangela ukuba kube nzima ngakumbi xa iphakheji yakho yokubamba inganikeli ngendlela elula yokufumana isatifikethi sasimahla. Oku kwenzeka rhoqo kunokuba unokucinga - umzekelo, ngeepakeji ezingabizi kakhulu zokungena okanye emva kotshintsho lwesicwangciso apho isatifikethi singasafakwanga ngequbuliso. Nangona kunjalo, esi sikhewu sinokuvalwa kakuhle nangokusisigxina ngemigca embalwa yekhowudi kwiqokobhe - inkqubo epheleleyo ichazwe ngezantsi.
1. Ngena nge-SSH
ssh -p <port> <cpanel-user>@<host>
2. Faka i-acme.sh
curl https://get.acme.sh | sh -s email=du@example.com
source ~/.bashrc
3. Seta i-Masibhale nge-Encrypt njenge-CA
acme.sh --set-default-ca --server letsencrypt
4. Isatifikethi sokukhupha
acme.sh --issue -d example.com -d www.example.com -w ~/public_html
5. Faka kwi-cPanel
acme.sh --deploy -d example.com --deploy-hook cpanel_uapi
6. Itshekhi
uapi SSL installed_hosts
echo | openssl s_client -servername example.com -connect example.com:443 2>/dev/null \
| openssl x509 -noout -issuer -dates
I-hook ibhala isatifikethi kwi-virtual host efanelekileyo nge-UAPI. Useto lokusasazwa lugcinwa – ukususela ngoku, i-cron iya kuhlaziya ngokuzenzekelayo kwaye ifake yonke into ngaphambi kokuba iphelelwe lixesha. Umniki-sicelo kufuneka abe yi-"Masibhale Ngekhowudi," kwaye umhla wokuphelelwa kufuneka ube malunga neentsuku ezingama-90 kwixesha elizayo. Ukuba isatifikethi esidala, esisayinwe sisabonakala, ukulayisha kwakhona okuqinileyo kwisikhangeli kudla ngokunceda – isatifikethi sangaphambili sinokugcinwa okwethutyana.
Abanye ababuki be-host baqhuba i-cPanel hook yabo. install_ssl kwaye uphendula ngento efana adminbin Cpanel/hooks2/...: exit 255. I-acme.sh isaxela ukuba "isetyenziswe ngempumelelo" - kwaye oko kudla ngokuba yinyani. Kwimeko enjalo, i-hook iyasilela ngenxa yenyathelo elilandelayo - njengokwazisa kwangaphakathi okanye umsebenzi wokuvumelanisa ngumboneleli we-hosting - kungekhona ukufakwa kwangempela.
Kwiindawo ezine-umlauts, i-acme.sh igcina isatifikethi ngaphakathi kwifomu yePunycode (xn--…), ngelixa i-auto-matcher ye-hook ithelekisa ifom ye-Unicode. Isiphumo: "ithunyelwe kwiindawo ezili-0 kwezili-0" - akukho nto ifakiweyo. Inxalenye enzima: i-acme.sh ikwabika "Impumelelo" apha, ngoko ke impazamo ayijongwa lula. Isisombululo: sebenza ngokuthe ngqo ne-Punycode domain kwaye ukhubaze ukufanisa ngokuzenzekelayo.:
# Punycode-Form der Domain vorher ermitteln (z. B. via idn-Tool oder Online-Konverter)
acme.sh --issue -d xn--<punycode> -d www.xn--<punycode> -w ~/public_html
export DEPLOY_CPANEL_AUTO_ENABLED='false'
acme.sh --deploy -d xn--<punycode> --deploy-hook cpanel_uapiNgokufikelela kwi-SSH, awudingi i-AutoSSL: i-acme.sh ikhupha isatifikethi, esi cpanel_uapiI--Hook iyayifaka, kwaye umsebenzi we-cron obandakanyiweyo uyigcina ihlaziywa ngokuzenzekelayo. Nje ukuba imiselwe, inkonzo ye-HTTPS yasimahla isebenza yodwa ngokuqhubekayo. Abo batyala imali yokuqala bayasindisa yonke inguqulelo eyenziwe ngesandla kwixesha elizayo - kwaye banokwandisa isisombululo esifanayo kuyo nayiphi na idomeyini eyongezelelweyo kwiakhawunti enye ngomyalelo omnye.