安装Certbot客户端

yum install certbot

获取证书

certbot certonly --webroot -w /var/www/demo.com -d demo.com

按照步骤 输入邮箱 同意条例

成功申请证书

修改对应的nginx的conf文件

server {
    listen 80;
    listen [::]:80;
    server_name demo.com;

    # 将 HTTP 请求重定向到 HTTPS
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name demo.com;

    ssl_certificate /etc/letsencrypt/live/demo.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/demo.com/privkey.pem;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:CHACHA20-POLY1305:RSA+AES256:RSA+AES128';
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;

    root /data/ui2;
    index index.html index.htm index.php;

    location / {
        try_files $uri $uri/ /index.html;
    }
}

重启nginx

sudo systemctl reload nginx

然后配置定时任务

完成！！！