Ezinye iipakeji zokubamba ezabelwana ngazo nge-cPanel aziboneleli nge -AutoSSL , okanye kuphela kwizicwangciso ezibiza kakhulu. Ngenxa yoko, awunakukhupha isatifikethi sasimahla se-Let's Encrypt nge-interface ye-cPanel, kwaye zonke iidomeyini zinamathele kwisatifikethi esisayinwe nguwe. Isikhangeli sibonisa iphepha njengelithi "alikhuselekanga." Isisombululo: fumana isatifikethi ngokwakho usebenzisa i-acme.sh kwaye usifake nge-cPanel UAPI - ihlaziywa ngokuzenzekelayo, ngaphandle kwe-AutoSSL.
I-HTTPS ibisoloko iyimfuneko. Kuyacaphukisa ngakumbi ke ngoko, xa iphakheji yakho yokubamba inganikeli ngendlela elula yokufumana isatifikethi sasimahla. Oku kwenzeka rhoqo kunokuba unokucinga, umzekelo ngeepakeji ezingabizi kakhulu zokungena okanye emva kotshintsho lwesicwangciso apho isatifikethi singasafakwanga ngequbuliso. Nangona kunjalo, esi sikhewu sinokuvalwa kakuhle nangokusisigxina ngemigca embalwa yekhowudi kwiqokobhe - inkqubo epheleleyo ichazwe ngezantsi.
1. Ngena nge-SSH
ssh -p <port> <user>@example.com
2. Faka i-acme.sh
curl https://get.acme.sh | sh -s email=me@example.com
source ~/.bashrc
3. Seta i-Masibhale nge-Encrypt njenge-CA
acme.sh --set-default-ca --server letsencrypt
4. Isatifikethi sokukhupha
acme.sh --issue -d example.com -d www.example.com -w ~/public_html
5. Faka kwi-cPanel
acme.sh --deploy -d example.com --deploy-hook cpanel_uapi
6. Itshekhi
uapi SSL installed_hosts
echo | openssl s_client -servername example.com -connect example.com:443 2>/dev/null \
| openssl x509 -noout -issuer -dates
I-hook ibhala isatifikethi kwi-virtual host efanelekileyo nge-UAPI. Useto lokusasazwa lugcinwa – ukususela ngoku, i-cron iya kuhlaziya ngokuzenzekelayo kwaye ifake yonke into ngaphambi kokuba iphelelwe lixesha. Umniki-sicelo ngu-"Masibhale Ngekhowudi," kwaye umhla wokuphelelwa lixesha umalunga neentsuku ezingama-90 kwixesha elizayo. Ukuba isatifikethi esidala, esisayinwe sisabonakala, ukulayisha kwakhona okuqinileyo kwisikhangeli kudla ngokunceda – isatifikethi sangaphambili sinokugcinwa okwethutyana.
Abanye ababuki be-host baqhuba i-cPanel hook yabo. install_ssl kwaye uphendula ngento efana adminbin Cpanel/hooks2/...: exit 255. i-acme.sh isaxela ukuba "isetyenziswe ngempumelelo" - kwaye oko kuchanekile. Kule meko, i-hook iyasilela ngenxa yenyathelo elilandelayo (elifana nomsebenzi wokwazisa wangaphakathi okanye wokuvumelanisa ngumboneleli we-hosting), hayi ukufakwa kwangempela.
Kwiindawo ezine-umlauts, i-acme.sh igcina isatifikethi ngaphakathi kwifomu yePunycode (xn--…), ngelixa i-auto-matcher ye-hook ithelekisa ifom ye-Unicode. Isiphumo: "ithunyelwe kwiindawo ezili-0 kwezili-0" - akukho nto ifakiweyo. Into efihlakeleyo kukuba i-acme.sh ikwabika "Impumelelo" apha, ngoko ke impazamo ayijongwa lula. Isisombululo: Sebenza ngokuthe ngqo ne-Punycode domain kwaye ukhubaze ukufanisa ngokuzenzekelayo.:
python3 -c "import sys;print(sys.argv[1].encode('idna').decode())" hallöle.de
acme.sh --issue -d xn--hallle-zxa.de -d www.xn--hallle-zxa.de -w ~/public_html
export DEPLOY_CPANEL_AUTO_ENABLED='false'
acme.sh --deploy -d xn--hallle-zxa.de --deploy-hook cpanel_uapiNgokufikelela kwi-SSH, awudingi i-AutoSSL: i-acme.sh ikhupha isatifikethi, esi cpanel_uapiI--Hook iyayifaka, kwaye umsebenzi we-cron obandakanyiweyo uyigcina ihlaziywa ngokuzenzekelayo. Nje ukuba imiselwe, inkonzo ye-HTTPS yasimahla isebenza yodwa ngokuqhubekayo. Abo batyala imali yokuqala bayasindisa yonke inguqulelo eyenziwe ngesandla kwixesha elizayo - kwaye banokwandisa isisombululo esifanayo kuyo nayiphi na idomeyini eyongezelelweyo kwiakhawunti enye ngomyalelo omnye.