I have previously written a "Apply for Let’s Encrypt wildcard certificate on Windows」,This article is mainly through “Get HTTPS for free!” The website applies for or extends the certificate manually。When a new website was launched recently,Try to apply with WIN-ACME tool,to make it easier to use its automatic extension later (renewal) Features。
◎ First to WIN-ACME GitHub Download the latest tools,Here is win-acme.v2.1.22.1260.x64.pluggable.zip as an example。
◎ After downloading and unzipping,Execute wacs.exe as "system administrator"。
◎ Next,Mainly for the official WIN-ACME Example of an apache environmentSetting。
◎ Input “m”,Manually set each parameter。
◎ Input “m” or press Enter (Default m),Manually set each parameter。
◎ Enter the URL where you want to apply for a certificate,such as www.abc.com。
◎ Enter a recognizable alias for this domain name,or press Enter to use the default。
◎ Input “1”,Provide the native website directory path for domain name verification。
◎ Enter the root directory path of the local website,as C:\WebApache24htdocsabc。
◎ Input “yes”,Allow program to copy web.config to website directory for verification。
◎ Input “2” or press Enter (preset 2),Generate private key with RSA。
◎ Input “2”,to generate a PEM credential file for apache。
◎ Enter the directory path where you want to store the credential file,as C:\WebSSL。
◎ Input “2”,Add a password to the private key,or enter “1” not encrypted。
◎ If not, generate a second certificate,Import “5” or press Enter (preset 5) Carry on。
◎ If there are no special needs,Import “3” or press Enter (preset 3) Carry on。
◎ After verification,A new schedule to check for document updates will be added to the Job Scheduler,If you do not need to perform this work in a specific capacity,Import “no” Carry on。
◎ here,Complete the certificate application。
◎ Then you can confirm the certificate just generated in the certificate directory。
Note. *-crt.pem + *-chain-only.pem = *-chain.pem
◎ In the "Work Scheduler", you can see that a new WIN-ACME project has been added。
◎ Open httpd-ahssl.conf of apache (or httpd-ssl.conf or httpd.conf,look at your environment),Add a set of SSL VirtualHost。
<VirtualHost *:443> SSLEngine on ServerName www.abc.com:443 SSLCertificateFile "C:\Web\SSL\www.abc.com-chain.pem" SSLCertificateKeyFile "C:\Web\SSL\www.abc.com-key.pem" DocumentRoot "${SRVROOT}/htdocs/abc" </virtualhost>
◎ If 80 port's VirtualHost is not closed,but want to 80 Automatically go to 443,Available at 80 port's VirtualHost increased “Redirect” parameter。
<VirtualHost *> DocumentRoot C:\Web\Apache24\htdocs\abc ServerName www.abc.com Redirect / https://www.abc.com/ </VirtualHost>
Note. https://www.abc.com/ should be followed by a slash,This will convert http://www.abc.com/def leads to https://www.abc.com/def,Otherwise it will become http://www.abc.comdef。
[Links]
- Apply for Let’s Encrypt wildcard certificate on Windows | Old Sen Chang Tan
- Releases · win-acme/win-acme · GitHub
- win-acme
- [apache] Install Free SSL and Setup 80 轉 443 fro windows | Code farmer walking in the ocean – Point of tribal
- Apache redirects to HTTPS – SSL Website Security Certificate – ztabox.com
- Windows 版 Let’s Encrypt for Apache | Lao Hong's IT Learning System