CertBot官网 点它------------------------------------------------------>点我
1：执行以下命令安装certbot-auto：

wget https://dl.eff.org/certbot-auto
 
sudo mv certbot-auto /usr/local/bin/certbot-auto
 
sudo chown root /usr/local/bin/certbot-auto
 
sudo chmod 0755 /usr/local/bin/certbot-auto

2：获取SSL证书：

2.1：自动配置: 运行此命令以获取证书，并让Certbot自动编辑Nginx配置以为其提供服务，只需一步即可打开HTTPS访问。

sudo /usr/local/bin/certbot-auto --nginx

2.2：手动配置：手动更改Nginx配置，请运行此命令。

sudo /usr/local/bin/certbot-auto certonly --nginx

3：设置自动续订

echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew" | sudo tee -a /etc/crontab > /dev/null```

4：nginx使用SSL证书

server {
    listen 80;
    listen 443 ssl;
    server_name you.domain.com;
    ssl_certificate /etc/letsencrypt/live/you.domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/you.domain.com/privkey.pem; 

    # ...
}