https://www.oschina.net/news/94188/acme-v2-and-wildcard-certificate-support-is-live https://my.oschina.net/kimver/blog/1634575 https://github.com/Neilpang/acme.sh/wiki/%E8%AF%B4%E6%98%8E ## Nginxåå‘ä»£ç†httpçš„tomcat 1,æ‰§è¡Œ curl https://get.acme.sh | sh 2,æ‰§è¡Œ source ~/.bashrc 3,æ‰§è¡Œ # é˜¿é‡Œäº‘åŽå°çš„å¯†é’¥ export Ali_Key="1858118" export Ali_Secret="1858118" # å¡«å†™è‡ªå·±çš„åŸŸå acme.sh --issue --dns dns_ali -d springboot.io -d *.springboot.io * acme.shæ¯”certbotçš„æ–¹å¼æ›´åŠ è‡ªåŠ¨åŒ–,çœåŽ»äº†æ‰‹åŠ¨åŽ»åŸŸååŽå°æ”¹DNSè®°å½•çš„æ¥éª¤,è€Œä¸”ä¸ç”¨ä¾èµ–Python * ç¬¬ä¸€æ¬¡æˆåŠŸä¹‹åŽ,acme.shä¼šè®°å½•ä¸‹App_Keyè·ŸApp_Secret,å¹¶ä¸”ç”Ÿæˆä¸€ä¸ªå®šæ—¶ä»»åŠ¡,æ¯å¤©å‡Œæ™¨0ï¼š00è‡ªåŠ¨æ£€æµ‹è¿‡æœŸåŸŸåå¹¶ä¸”è‡ªåŠ¨ç»æœŸ * å¯¹è¿™ç§æ–¹å¼æœ‰é¡¾è™‘çš„,è¯·æ…Žé‡,ä¸è¿‡ä¹Ÿå¯ä»¥è‡ªè¡Œåˆ æŽ‰ç”¨æˆ·çº§çš„å®šæ—¶ä»»åŠ¡,å¹¶ä¸”æ¸…ç†æŽ‰~/.acme.shæ–‡ä»¶å¤¹å°±è¡Œ 4,åœ¨è¯ä¹¦ç”Ÿæˆç›®å½•æ‰§è¡Œ acme.sh --installcert -d springboot.io -d *.springboot.io \ --keypath /usr/local/ssl/springboot/springboot.io.key \ --fullchainpath /usr/local/ssl/springboot/springboot.io.pem * ä¼šæŠŠkeyå’Œpemç”Ÿæˆåˆ°æŒ‡å®šçš„ç›®å½• 5,é…ç½®nginx server { listen 443; server_name springboot.io www.springboot.io; ssl on; ssl_certificate /usr/local/ssl/springboot/springboot.io.pem; ssl_certificate_key /usr/local/ssl/springboot/springboot.io.key; access_log logs/springboot.io.log main; error_log logs/springboot.io.error.log; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Requested-For $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; location / { proxy_pass http://127.0.0.1:1024; proxy_connect_timeout 600; proxy_read_timeout 600; } } server { listen 80; server_name springboot.io www.springboot.io; return 301 https://springboot.io$request_uri; } ## Springbootå•ç‹¬é…ç½® 1,(åœ¨è¯ä¹¦ç”Ÿæˆç›®å½•)ç”Ÿæˆkeystore * ç”Ÿæˆ p12 æ–‡ä»¶(ä¼šè¾“å…¥ä¸€æ¬¡å¯†ç ) openssl pkcs12 -export -in fullchain.cer -inkey springboot.io.key -out springboot.io.p12 * æ ¹æ®p12 æ–‡ä»¶ç”Ÿæˆ keystore æ–‡ä»¶ keytool -importkeystore -v -srckeystore springboot.io.p12 -srcstoretype pkcs12 -srcstorepass [ç”Ÿæˆp2æ–‡ä»¶çš„å¯†ç ] -destkeystore springboot.io.keystore -deststoretype jks -deststorepass [key.storeçš„å¯†ç ] * å¦‚æžœæç¤ºè¦å‘Š,å¯ä»¥è€ƒè™‘æ ¹æ®è¦å‘Šçš„å‘½ä»¤,å†æ‰§è¡Œä¸€æ³¢ keytool -importkeystore -srckeystore springboot.io.keystore -destkeystore springboot.io.keystore -deststoretype pkcs12 2,springbooté…ç½® #ssl server.ssl.enabled=true server.ssl.key-store=classpath:ssl/springboot.io.p12 server.ssl.key-store-type=PKCS12 server.ssl.key-store-password=[key.storeçš„å¯†ç ] ---------------------------------- _add_a_and_b: push %ebx mov %eax, [%esp+8] mov %ebx, [%esp+12] add %eax, %ebx pop %ebx ret _main: push 3 push 2 call _add_a_and_b add %esp, 8 ret