update

iskey · Jan 31, 2024 · cac2529 · cac2529
1 parent 8e0a07e
commit cac2529
Showing 1 changed file with 40 additions and 12 deletions.
diff --git a/docs/Linux/System/Caddy服务器.md b/docs/Linux/System/Caddy服务器.md
@@ -77,31 +77,59 @@ or
 docker build . -t caddy_with_godaddy:latest
 ```
 
+
+## caddy自动获取证书
+
+Caddy配置如下，可以自动生成主域名证书和子域名证书，前提是要使用如上构建的带有godaddy的模块的caddy镜像
+
+```
+*.mydomain.com:443 {
+    tls {
+      dns godaddy KEY:SK
+    }
+    #root * /data/html
+    reverse_proxy localhost:443
+
+    # Enable the static file server.
+    #file_server  browse
+}
+
+mydomain.com:443 {
+    tls {
+      dns godaddy KEY:SK
+    }
+    root * /data/html
+
+    # Enable the static file server.
+    file_server  browse
+}
+```
+
 ## 手动获取证书
 
 
 参考手动申请域名进行多域名申请，[[Lets Encrypt证书生成#DNS手动申请域名/泛域名证书]]
 
 
 ```bash
-acme.sh --issue -d isnokey.shop -d *.isnokey.shop --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please
+acme.sh --issue -d mydomain.com -d *.mydomain.com --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please
 
-acme.sh --renew -d isnokey.shop -d *.isnokey.shop --yes-I-know-dns-manual-mode-enough-go-ahead-please
+acme.sh --renew -d mydomain.com -d *.mydomain.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
 ```
 
 
-acme.sh --renew -d isnokey.shop -d *.isnokey.shop --yes-I-know-dns-manual-mode-enough-go-ahead-please
+acme.sh --renew -d mydomain.com -d *.mydomain.com --yes-I-know-dns-manual-mode-enough-go-ahead-please
 ```
-[Mon Jan 29 18:33:40 CST 2024] The domain 'isnokey.shop' seems to have a ECC cert already, lets use ecc cert.
-[Mon Jan 29 18:33:40 CST 2024] Renew: 'isnokey.shop'
+[Mon Jan 29 18:33:40 CST 2024] The domain 'mydomain.com' seems to have a ECC cert already, lets use ecc cert.
+[Mon Jan 29 18:33:40 CST 2024] Renew: 'mydomain.com'
 [Mon Jan 29 18:33:40 CST 2024] Renew to Le_API=https://acme.zerossl.com/v2/DV90
 [Mon Jan 29 18:33:41 CST 2024] Using CA: https://acme.zerossl.com/v2/DV90
-[Mon Jan 29 18:33:41 CST 2024] Multi domain='DNS:isnokey.shop,DNS:*.isnokey.shop'
+[Mon Jan 29 18:33:41 CST 2024] Multi domain='DNS:mydomain.com,DNS:*.mydomain.com'
 [Mon Jan 29 18:33:41 CST 2024] Getting domain auth token for each domain
-[Mon Jan 29 18:33:41 CST 2024] Verifying: isnokey.shop
+[Mon Jan 29 18:33:41 CST 2024] Verifying: mydomain.com
 [Mon Jan 29 18:33:52 CST 2024] Processing, The CA is processing your order, please just wait. (1/30)
 [Mon Jan 29 18:33:56 CST 2024] Success
-[Mon Jan 29 18:33:56 CST 2024] Verifying: *.isnokey.shop
+[Mon Jan 29 18:33:56 CST 2024] Verifying: *.mydomain.com
 [Mon Jan 29 18:33:57 CST 2024] Processing, The CA is processing your order, please just wait. (1/30)
 [Mon Jan 29 18:34:01 CST 2024] Success
 [Mon Jan 29 18:34:01 CST 2024] Verify finished, start to sign.
@@ -137,8 +165,8 @@ ZXkuc2hvcDAKBggqhkjOPQQDAwNpADBmAjEAh46y+VcCPntVv29jn862bMhaYu/s
 MXZpc+x78579NGEHPxwl7d95lRpyzy2MBGOiAjEA7fz/gWhH+g9Jg7aNqKW6PgdR
 92uyLKNDh4e2Ve/O61ytdZrljjINdLTCbNL3G8Pd
 -----END CERTIFICATE-----
-[Mon Jan 29 18:34:26 CST 2024] Your cert is in: /home/iskey/.acme.sh/isnokey.shop_ecc/isnokey.shop.cer
-[Mon Jan 29 18:34:26 CST 2024] Your cert key is in: /home/iskey/.acme.sh/isnokey.shop_ecc/isnokey.shop.key
-[Mon Jan 29 18:34:26 CST 2024] The intermediate CA cert is in: /home/iskey/.acme.sh/isnokey.shop_ecc/ca.cer
-[Mon Jan 29 18:34:26 CST 2024] And the full chain certs is there: /home/iskey/.acme.sh/isnokey.shop_ecc/fullchain.cer
+[Mon Jan 29 18:34:26 CST 2024] Your cert is in: /home/iskey/.acme.sh/mydomain.com_ecc/mydomain.com.cer
+[Mon Jan 29 18:34:26 CST 2024] Your cert key is in: /home/iskey/.acme.sh/mydomain.com_ecc/mydomain.com.key
+[Mon Jan 29 18:34:26 CST 2024] The intermediate CA cert is in: /home/iskey/.acme.sh/mydomain.com_ecc/ca.cer
+[Mon Jan 29 18:34:26 CST 2024] And the full chain certs is there: /home/iskey/.acme.sh/mydomain.com_ecc/fullchain.cer
 ```