Just Do It ! 행동하지 않으면 성공도 실패도 없다

Https 서비스를 위한 TLS 인증서 만들기 https://github.com/jupilhwang/mk-ssl-cert-key $DOMAIN 값을 원하는 도메인(FQDN)으로 지정한다. export DOMAIN=example.com curl https://raw.githubusercontent.com/jupilhwang/mk-ssl-cert-key/master/mk-ssl-cert-key.sh | bash - #!/bin/bash set -e SCRIPTDIR=$(cd $(dirname "$0") && pwd -P) : ${DOMAIN:?must be set the DNS domain root (ex: example.com)} : ${KEY_BITS:=4096} : ${DAYS:=1825} # Generate CA Certificate openssl req -new -x509 -nodes -sha256 -newkey rsa:${KEY_BITS} -days ${DAYS} -keyout ${DOMAIN}.ca.key.pkcs8 -out ${DOMAIN}.ca.crt -config <( cat << EOF [ req ] prompt = no distinguished_name = dn [ dn ] C = KR O = Private CN = Autogenerated CA EOF ) # Generate Private key with CA Certificate key openssl rsa -in ${DOMAIN}.

TLS Let’s Encrypted certbot certbot 설치 PIP로 설치 Package Management로 설치 Enable the universe repository sudo apt-get install software-properties-common sudo add-apt-repository universe sudo apt-get update Install certbot sudo apt install certbot certbot certonly --manual \ --preferred-challengers=dns \ --email jupil.hwang@gmail.com \ --server https://acme-v02.api.letsencrypt.org/directory \ --agress-tos \ -d *.harbor.lgvmw01.local