{"id":10127,"date":"2023-12-27T13:48:07","date_gmt":"2023-12-27T10:18:07","guid":{"rendered":"https:\/\/rasanegar.com\/blog\/apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8\/"},"modified":"2023-12-27T13:48:07","modified_gmt":"2023-12-27T10:18:07","slug":"apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8","status":"publish","type":"post","link":"https:\/\/rasanegaar.com\/blog\/apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8\/","title":{"rendered":"Apache \u0631\u0627 \u0628\u0627 Let&#8217;s Encrypt \u0631\u0648\u0634\u0646 \u06a9\u0646\u06cc\u062f CentOS 8"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\"><p class=\"ez-toc-title\" style=\"cursor:inherit\">\u0633\u0631\u0641\u0635\u0644\u0647\u0627\u06cc \u0645\u0637\u0644\u0628<\/p>\n<\/div><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/rasanegaar.com\/blog\/apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8\/#%d9%be%db%8c%d8%b4_%d9%86%db%8c%d8%a7%d8%b2%d9%87%d8%a7\" >\u067e\u06cc\u0634 \u0646\u06cc\u0627\u0632\u0647\u0627<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/rasanegaar.com\/blog\/apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8\/#certbot_%d8%b1%d8%a7_%d9%86%d8%b5%d8%a8_%da%a9%d9%86%db%8c%d8%af\" >Certbot \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/rasanegaar.com\/blog\/apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8\/#%da%af%d8%b1%d9%88%d9%87_strong_dh_diffie-hellman_%d8%b1%d8%a7_%d8%a7%db%8c%d8%ac%d8%a7%d8%af_%da%a9%d9%86%db%8c%d8%af\" >\u06af\u0631\u0648\u0647 Strong Dh (Diffie-Hellman) \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/rasanegaar.com\/blog\/apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8\/#%d8%af%d8%b1%db%8c%d8%a7%d9%81%d8%aa_%da%af%d9%88%d8%a7%d9%87%db%8c%d9%86%d8%a7%d9%85%d9%87_lets_encrypt_ssl\" >\u062f\u0631\u06cc\u0627\u0641\u062a \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 Let&#8217;s Encrypt SSL<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/rasanegaar.com\/blog\/apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8\/#%d8%aa%d9%85%d8%af%db%8c%d8%af_%d8%ae%d9%88%d8%af%da%a9%d8%a7%d8%b1_%da%af%d9%88%d8%a7%d9%87%db%8c%d9%86%d8%a7%d9%85%d9%87_lets_encrypt_ssl\" >\u062a\u0645\u062f\u06cc\u062f \u062e\u0648\u062f\u06a9\u0627\u0631 \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 Let&#8217;s Encrypt SSL<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/rasanegaar.com\/blog\/apache-%d8%b1%d8%a7-%d8%a8%d8%a7-lets-encrypt-%d8%b1%d9%88%d8%b4%d9%86-%da%a9%d9%86%db%8c%d8%af-centos-8\/#%d9%86%d8%aa%db%8c%d8%ac%d9%87\" >\u0646\u062a\u06cc\u062c\u0647<\/a><\/li><\/ul><\/nav><\/div>\n<span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">\u0632\u0645\u0627\u0646 \u0644\u0627\u0632\u0645 \u0628\u0631\u0627\u06cc \u0645\u0637\u0627\u0644\u0639\u0647: <\/span> <span class=\"rt-time\"> 5<\/span> <span class=\"rt-label rt-postfix\">\u062f\u0642\u06cc\u0642\u0647<\/span><\/span><p> <br \/>\n<br \/><\/p>\n<div class=\"markdown\">\n<p>Let&#8217;s Encrypt \u06cc\u06a9 \u0645\u0631\u062c\u0639 \u06af\u0648\u0627\u0647\u06cc \u0631\u0627\u06cc\u06af\u0627\u0646\u060c \u062e\u0648\u062f\u06a9\u0627\u0631 \u0648 \u0628\u0627\u0632 \u0627\u0633\u062a \u06a9\u0647 \u062a\u0648\u0633\u0637 \u06af\u0631\u0648\u0647 \u062a\u062d\u0642\u06cc\u0642\u0627\u062a\u06cc \u0627\u0645\u0646\u06cc\u062a \u0627\u06cc\u0646\u062a\u0631\u0646\u062a (ISRG) \u062a\u0648\u0633\u0639\u0647 \u06cc\u0627\u0641\u062a\u0647 \u0648 \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc SSL \u0631\u0627\u06cc\u06af\u0627\u0646 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f.<\/p>\n<p>\u06af\u0648\u0627\u0647\u06cc\u200c\u0647\u0627\u06cc \u0635\u0627\u062f\u0631 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 Let&#8217;s Encrypt \u0645\u0648\u0631\u062f \u0627\u0639\u062a\u0645\u0627\u062f \u0647\u0645\u0647 \u0645\u0631\u0648\u0631\u06af\u0631\u0647\u0627\u06cc \u0627\u0635\u0644\u06cc \u0647\u0633\u062a\u0646\u062f \u0648 90 \u0631\u0648\u0632 \u0627\u0632 \u062a\u0627\u0631\u06cc\u062e \u0635\u062f\u0648\u0631 \u0627\u0639\u062a\u0628\u0627\u0631 \u062f\u0627\u0631\u0646\u062f.<\/p>\n<p>\u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0631\u0648\u0634 \u0646\u0635\u0628 \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 \u0631\u0627\u06cc\u06af\u0627\u0646 Let&#8217;s Encrypt SSL \u0631\u0627 \u062a\u0648\u0636\u06cc\u062d \u0645\u06cc \u062f\u0647\u062f CentOS 8 \u0627\u062c\u0631\u0627\u06cc \u0622\u067e\u0627\u0686\u06cc \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0648\u0628 \u0633\u0631\u0648\u0631.  \u0645\u0627 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631 certbot \u0628\u0631\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0648 \u062a\u0645\u062f\u06cc\u062f \u06af\u0648\u0627\u0647\u06cc \u0647\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f.<\/p>\n<h2 id=\"prerequisites\"><span class=\"ez-toc-section\" id=\"%d9%be%db%8c%d8%b4_%d9%86%db%8c%d8%a7%d8%b2%d9%87%d8%a7\"><\/span>\u067e\u06cc\u0634 \u0646\u06cc\u0627\u0632\u0647\u0627 <span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0642\u0628\u0644 \u0627\u0632 \u0627\u062f\u0627\u0645\u0647\u060c \u0627\u0632 \u0631\u0639\u0627\u06cc\u062a \u067e\u06cc\u0634 \u0646\u06cc\u0627\u0632\u0647\u0627\u06cc \u0632\u06cc\u0631 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u06a9\u0646\u06cc\u062f:<\/p>\n<ul>\n<li>\u0646\u0627\u0645 \u062f\u0627\u0645\u0646\u0647 \u0627\u06cc \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0628\u0647 IP \u0633\u0631\u0648\u0631 \u0639\u0645\u0648\u0645\u06cc \u0634\u0645\u0627 \u0627\u0634\u0627\u0631\u0647 \u062f\u0627\u0631\u062f.  \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f <code>example.com<\/code>.<\/li>\n<li>\u0622\u067e\u0627\u0686\u06cc \u0628\u0627 \u0645\u062c\u0627\u0632\u06cc \u0631\u0648\u06cc \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u0646\u0635\u0628 \u0648 \u0627\u062c\u0631\u0627 \u0645\u06cc \u0634\u0648\u062f host<br \/>\n\u0628\u0631\u0627\u06cc \u062f\u0627\u0645\u0646\u0647 \u0634\u0645\u0627 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.<\/li>\n<li>\u067e\u0648\u0631\u062a \u0647\u0627\u06cc 80 \u0648 443 \u062f\u0631 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0634\u0645\u0627 \u0628\u0627\u0632 \u0647\u0633\u062a\u0646\u062f.<\/li>\n<\/ul>\n<p>\u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0632\u06cc\u0631 \u0631\u0627 \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0633\u0631\u0648\u0631 \u0648\u0628 \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 SSL \u0645\u0648\u0631\u062f \u0646\u06cc\u0627\u0632 \u0627\u0633\u062a \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo dnf install mod_ssl openssl<\/code><\/pre>\n<p>\u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 \u0628\u0633\u062a\u0647 mod_ssl \u0646\u0635\u0628 \u0645\u06cc \u0634\u0648\u062f\u060c \u0628\u0627\u06cc\u062f \u06cc\u06a9 \u06a9\u0644\u06cc\u062f \u062e\u0648\u062f \u0627\u0645\u0636\u0627 \u0634\u062f\u0647 \u0648 \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u06af\u0648\u0627\u0647\u06cc \u0628\u0631\u0627\u06cc \u0622\u0646 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f localhost.  \u0627\u06af\u0631 \u0641\u0627\u06cc\u0644\u200c\u0647\u0627 \u0628\u0647\u200c\u0637\u0648\u0631 \u062e\u0648\u062f\u06a9\u0627\u0631 \u0627\u06cc\u062c\u0627\u062f \u0646\u0645\u06cc\u200c\u0634\u0648\u0646\u062f\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 <code>openssl<\/code> \u062f\u0633\u062a\u0648\u0631:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes \\<\/code><code class=\"terminal-line\">  -out \/etc\/pki\/tls\/certs\/localhost.crt \\<\/code><code class=\"terminal-line\">  -keyout \/etc\/pki\/tls\/private\/localhost.key<\/code><\/pre>\n<h2 id=\"install-certbot\"><span class=\"ez-toc-section\" id=\"certbot_%d8%b1%d8%a7_%d9%86%d8%b5%d8%a8_%da%a9%d9%86%db%8c%d8%af\"><\/span>Certbot \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f <span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Certbot \u0631\u0627\u06cc\u06af\u0627\u0646 \u0627\u0633\u062a command-line \u0627\u0628\u0632\u0627\u0631\u06cc \u06a9\u0647 \u06a9\u0627\u0631 \u0631\u0627 \u0633\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f process \u0628\u0631\u0627\u06cc \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f\u0646 \u0648 \u062a\u0645\u062f\u06cc\u062f \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc SSL \u0627\u0632 \u0648 \u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 \u062e\u0648\u062f\u06a9\u0627\u0631 HTTPS \u062f\u0631 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627.<\/p>\n<p>\u0628\u0633\u062a\u0647 certbot \u062f\u0631 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f \u06af\u0646\u062c\u0627\u0646\u062f\u0647 \u0646\u0634\u062f\u0647 \u0627\u0633\u062a CentOS 8 \u0645\u062e\u0632\u0646\u060c \u0627\u0645\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0622\u0646 \u0631\u0627 \u0627\u0632 \u0648\u0628 \u0633\u0627\u06cc\u062a \u0641\u0631\u0648\u0634\u0646\u062f\u0647 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0631\u062f.<\/p>\n<p>\u0632\u06cc\u0631 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f <code>wget<\/code><br \/>\n\u062f\u0633\u062a\u0648\u0631 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06a9\u0627\u0631\u0628\u0631 root \u06cc\u0627 sudo \u0628\u0631\u0627\u06cc \u062f\u0627\u0646\u0644\u0648\u062f \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a certbot \u062f\u0631 <code>\/usr\/local\/bin<\/code> \u0641\u0647\u0631\u0633\u062a \u0631\u0627\u0647\u0646\u0645\u0627:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo wget -P \/usr\/local\/bin https:\/\/dl.eff.org\/certbot-auto<\/code><\/pre>\n<p>\u067e\u0633 \u0627\u0632 \u0627\u062a\u0645\u0627\u0645 \u062f\u0627\u0646\u0644\u0648\u062f\u060c \u0641\u0627\u06cc\u0644 \u0631\u0627 \u0642\u0627\u0628\u0644 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo chmod +x \/usr\/local\/bin\/certbot-auto<\/code><\/pre>\n<h2 id=\"generate-strong-dh-diffie-hellman-group\"><span class=\"ez-toc-section\" id=\"%da%af%d8%b1%d9%88%d9%87_strong_dh_diffie-hellman_%d8%b1%d8%a7_%d8%a7%db%8c%d8%ac%d8%a7%d8%af_%da%a9%d9%86%db%8c%d8%af\"><\/span>\u06af\u0631\u0648\u0647 Strong Dh (Diffie-Hellman) \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f <span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u062a\u0628\u0627\u062f\u0644 \u06a9\u0644\u06cc\u062f \u062f\u06cc\u0641\u06cc-\u0647\u0644\u0645\u0646 (DH) \u0631\u0648\u0634\u06cc \u0628\u0631\u0627\u06cc \u062a\u0628\u0627\u062f\u0644 \u0627\u0645\u0646 \u06a9\u0644\u06cc\u062f\u0647\u0627\u06cc \u0631\u0645\u0632\u0646\u06af\u0627\u0631\u06cc \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u06a9\u0627\u0646\u0627\u0644 \u0627\u0631\u062a\u0628\u0627\u0637\u06cc \u0646\u0627\u0627\u0645\u0646 \u0627\u0633\u062a.  \u0645\u062c\u0645\u0648\u0639\u0647 \u062c\u062f\u06cc\u062f\u06cc \u0627\u0632 \u067e\u0627\u0631\u0627\u0645\u062a\u0631\u0647\u0627\u06cc 2048 \u0628\u06cc\u062a\u06cc DH \u0631\u0627 \u0628\u0631\u0627\u06cc \u062a\u0642\u0648\u06cc\u062a \u0627\u0645\u0646\u06cc\u062a \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo openssl dhparam -out \/etc\/ssl\/certs\/dhparam.pem 2048<\/code><\/pre>\n<p>\u0634\u0645\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0646\u062f\u0627\u0632\u0647 \u0631\u0627 \u062a\u0627 4096 \u0628\u06cc\u062a \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f\u060c \u0627\u0645\u0627 \u0628\u0633\u062a\u0647 \u0628\u0647 \u0622\u0646\u062a\u0631\u0648\u067e\u06cc \u0633\u06cc\u0633\u062a\u0645\u060c \u062a\u0648\u0644\u06cc\u062f \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0628\u06cc\u0634 \u0627\u0632 30 \u062f\u0642\u06cc\u0642\u0647 \u0637\u0648\u0644 \u0628\u06a9\u0634\u062f.<\/p>\n<h2 id=\"obtaining-a-lets-encrypt-ssl-certificate\"><span class=\"ez-toc-section\" id=\"%d8%af%d8%b1%db%8c%d8%a7%d9%81%d8%aa_%da%af%d9%88%d8%a7%d9%87%db%8c%d9%86%d8%a7%d9%85%d9%87_lets_encrypt_ssl\"><\/span>\u062f\u0631\u06cc\u0627\u0641\u062a \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 Let&#8217;s Encrypt SSL <span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0628\u0631\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u06af\u0648\u0627\u0647\u06cc SSL \u0628\u0631\u0627\u06cc \u062f\u0627\u0645\u0646\u0647\u060c \u0627\u0632 \u0627\u0641\u0632\u0648\u0646\u0647 Webroot \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u0628\u0627 \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u0641\u0627\u06cc\u0644 \u0645\u0648\u0642\u062a \u0628\u0631\u0627\u06cc \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u062f\u0627\u0645\u0646\u0647 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u06cc \u062f\u0631 <code>${webroot-path}\/.well-known\/acme-challenge<\/code> \u0641\u0647\u0631\u0633\u062a \u0631\u0627\u0647\u0646\u0645\u0627.  \u0633\u0631\u0648\u0631 Let&#8217;s Encrypt \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc HTTP \u0631\u0627 \u0628\u0647 \u0641\u0627\u06cc\u0644 \u0645\u0648\u0642\u062a \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u062a\u0623\u06cc\u06cc\u062f \u06a9\u0646\u062f \u06a9\u0647 \u062f\u0627\u0645\u0646\u0647 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u06cc \u0628\u0647 \u0633\u0631\u0648\u0631\u06cc \u06a9\u0647 \u0631\u0628\u0627\u062a \u062f\u0631 \u0622\u0646 \u0627\u062c\u0631\u0627 \u0645\u06cc \u0634\u0648\u062f \u062d\u0644 \u0645\u06cc \u0634\u0648\u062f.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u0633\u0627\u062f\u0647\u200c\u062a\u0631 \u06a9\u0631\u062f\u0646 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a\u060c \u0647\u0645\u0647 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc HTTP \u0631\u0627 \u062a\u0631\u0633\u06cc\u0645 \u0645\u06cc\u200c\u06a9\u0646\u06cc\u0645 <code>.well-known\/acme-challenge<\/code> \u0628\u0647 \u06cc\u06a9 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc \u0648\u0627\u062d\u062f\u060c <code>\/var\/lib\/letsencrypt<\/code>.<\/p>\n<p>\u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0632\u06cc\u0631 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc \u0648 \u0642\u0627\u0628\u0644 \u0646\u0648\u0634\u062a\u0646 \u0628\u0631\u0627\u06cc \u0633\u0631\u0648\u0631 \u0622\u067e\u0627\u0686\u06cc \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f.<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo mkdir -p \/var\/lib\/letsencrypt\/.well-known<\/code><code class=\"terminal-line\" prefix=\"$\">sudo chgrp apache \/var\/lib\/letsencrypt<\/code><code class=\"terminal-line\" prefix=\"$\">sudo chmod g+s \/var\/lib\/letsencrypt<\/code><\/pre>\n<p>\u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u062a\u06a9\u0631\u0627\u0631 \u06a9\u062f \u0648 \u062d\u0641\u0638 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0628\u06cc\u0634\u062a\u0631\u060c \u062f\u0648 \u0642\u0637\u0639\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0632\u06cc\u0631 \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f:<\/p>\n<div class=\"code-label\">\/etc\/httpd\/conf.d\/letsencrypt.conf<\/div>\n<div class=\"highlight\">\n<pre tabindex=\"0\" class=\"chroma\"><code class=\"language-apache\" data-lang=\"apache\"><span class=\"line\"><span class=\"cl\"><span class=\"nb\">Alias<\/span> \/.well-known\/acme-challenge\/ <span class=\"s2\">\"\/var\/lib\/letsencrypt\/.well-known\/acme-challenge\/\"<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nt\">&lt;Directory<\/span> <span class=\"s\">\"\/var\/lib\/letsencrypt\/\"<\/span><span class=\"nt\">&gt;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">    <span class=\"nb\">AllowOverride<\/span> <span class=\"k\">None<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">    <span class=\"nb\">Options<\/span> MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec\n<\/span><\/span><span class=\"line\"><span class=\"cl\">    <span class=\"nb\">Require<\/span> method GET POST OPTIONS\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nt\">&lt;\/Directory&gt;<\/span>\n<\/span><\/span><\/code><\/pre>\n<\/div>\n<div class=\"code-label\">\/etc\/httpd\/conf.d\/ssl-params.conf<\/div>\n<div class=\"highlight\">\n<pre tabindex=\"0\" class=\"chroma\"><code class=\"language-apache\" data-lang=\"apache\"><span class=\"line\"><span class=\"cl\"><span class=\"nb\">SSLProtocol<\/span>             <span class=\"k\">all<\/span> -SSLv3 -TLSv1 -TLSv1.1\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">SSLCipherSuite<\/span>          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">SSLHonorCipherOrder<\/span>     <span class=\"k\">off<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">SSLSessionTickets<\/span>       <span class=\"k\">off<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">SSLUseStapling<\/span> <span class=\"k\">On<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">SSLStaplingCache<\/span> <span class=\"s2\">\"shmcb:logs\/ssl_stapling(32768)\"<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">Header<\/span> always set Strict-Transport-Security <span class=\"s2\">\"max-age=63072000; includeSubDomains; preload\"<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">Header<\/span> always set X-Frame-Options SAMEORIGIN\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">Header<\/span> always set X-Content-Type-Options nosniff\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nb\">SSLOpenSSLConfCmd<\/span> DHParameters <span class=\"s2\">\"\/etc\/ssl\/certs\/dhparam.pem\"<\/span>\n<\/span><\/span><\/code><\/pre>\n<\/div>\n<p>\u0642\u0637\u0639\u0647 \u0628\u0627\u0644\u0627 \u0627\u0632 \u062a\u0631\u0627\u0634\u0647\u200c\u0647\u0627\u06cc \u067e\u06cc\u0634\u0646\u0647\u0627\u062f\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f <a href=\"https:\/\/ssl-config.mozilla.org\/\" target=\"_blank\" rel=\"noopener\">\u0645\u0648\u0632\u06cc\u0644\u0627<\/a><br \/>\n.  OCSP Stapling\u060c HTTP Strict Transport Security (HSTS)\u060c \u06a9\u0644\u06cc\u062f Dh \u0631\u0627 \u0641\u0639\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u062a\u0639\u062f\u0627\u062f \u06a9\u0645\u06cc \u0647\u062f\u0631 HTTP \u0645\u062a\u0645\u0631\u06a9\u0632 \u0628\u0631 \u0627\u0645\u0646\u06cc\u062a \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a\u060c \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0622\u067e\u0627\u0686\u06cc \u0631\u0627 \u062f\u0648\u0628\u0627\u0631\u0647 \u0628\u0627\u0631\u06af\u06cc\u0631\u06cc \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo systemctl reload httpd<\/code><\/pre>\n<p>\u0627\u06a9\u0646\u0648\u0646 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a certbot \u0631\u0627 \u0628\u0627 \u0627\u0641\u0632\u0648\u0646\u0647 webroot \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u0648 \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u06af\u0648\u0627\u0647\u06cc SSL \u0631\u0627 \u0648\u0627\u06a9\u0634\u06cc \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo \/usr\/local\/bin\/certbot-auto certonly --agree-tos --email admin@example.com --webroot -w \/var\/lib\/letsencrypt\/ -d example.com -d www.example.com<\/code><\/pre>\n<p>\u062f\u0631 \u0635\u0648\u0631\u062a \u0645\u0648\u0641\u0642\u06cc\u062a\u060c certbot \u067e\u06cc\u0627\u0645 \u0632\u06cc\u0631 \u0631\u0627 \u0686\u0627\u067e \u0645\u06cc \u06a9\u0646\u062f:<\/p>\n<pre tabindex=\"0\"><code class=\"language-output\" data-lang=\"output\">IMPORTANT NOTES:\n - Congratulations! Your certificate and chain have been saved at:\n   \/etc\/letsencrypt\/live\/example.com\/fullchain.pem\n   Your key file has been saved at:\n   \/etc\/letsencrypt\/live\/example.com\/privkey.pem\n   Your cert will expire on 2020-01-26. To obtain a new or tweaked\n   version of this certificate in the future, simply run certbot-auto\n   again. To non-interactively renew *all* of your certificates, run\n   \"certbot-auto renew\"\n - Your account credentials have been saved in your Certbot\n   configuration directory at \/etc\/letsencrypt. You should make a\n   secure backup of this folder now. This configuration directory will\n   also contain certificates and private keys obtained by Certbot so\n   making regular backups of this folder is ideal.\n - If you like Certbot, please consider supporting our work by:\n\n   Donating to ISRG \/ Let's Encrypt:   https:\/\/letsencrypt.org\/donate\n   Donating to EFF:                    https:\/\/eff.org\/donate-le\n<\/code><\/pre>\n<p>\u0627\u06a9\u0646\u0648\u0646 \u06a9\u0647 \u0647\u0645\u0647 \u0686\u06cc\u0632 \u062a\u0646\u0638\u06cc\u0645 \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u062f\u0627\u0645\u0646\u0647 \u0645\u062c\u0627\u0632\u06cc \u062e\u0648\u062f \u0631\u0627 \u0648\u06cc\u0631\u0627\u06cc\u0634 \u06a9\u0646\u06cc\u062f host \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0628\u0647 \u0634\u0631\u062d \u0632\u06cc\u0631 \u0627\u0633\u062a:<\/p>\n<div class=\"code-label\">\/etc\/httpd\/conf.d\/example.com.conf<\/div>\n<div class=\"highlight\">\n<pre tabindex=\"0\" class=\"chroma\"><code class=\"language-apache\" data-lang=\"apache\"><span class=\"line\"><span class=\"cl\"><span class=\"nt\">&lt;VirtualHost<\/span> <span class=\"s\">*:80<\/span><span class=\"nt\">&gt;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">ServerName<\/span> example.com\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">ServerAlias<\/span> www.example.com\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">Redirect<\/span> permanent \/ https:\/\/example.com\/\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nt\">&lt;\/VirtualHost&gt;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nt\">&lt;VirtualHost<\/span> <span class=\"s\">*:443<\/span><span class=\"nt\">&gt;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">ServerName<\/span> example.com\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">ServerAlias<\/span> www.example.com\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">Protocols<\/span> h2 http\/1.1\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nt\">&lt;If<\/span> <span class=\"s\">\"%{HTTP_HOST} == 'www.example.com'\"<\/span><span class=\"nt\">&gt;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">    <span class=\"nb\">Redirect<\/span> permanent \/ https:\/\/example.com\/\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nt\">&lt;\/If&gt;<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">DocumentRoot<\/span> <span class=\"sx\">\/var\/www\/example.com\/public_html<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">ErrorLog<\/span> <span class=\"sx\">\/var\/log\/httpd\/example.com-error.log<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">CustomLog<\/span> <span class=\"sx\">\/var\/log\/httpd\/example.com-access.log<\/span> combined\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">SSLEngine<\/span> <span class=\"k\">On<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">SSLCertificateFile<\/span> <span class=\"sx\">\/etc\/letsencrypt\/live\/example.com\/fullchain.pem<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"nb\">SSLCertificateKeyFile<\/span> <span class=\"sx\">\/etc\/letsencrypt\/live\/example.com\/privkey.pem<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\">  <span class=\"c\"># Other Apache Configuration<\/span>\n<\/span><\/span><span class=\"line\"><span class=\"cl\">\n<\/span><\/span><span class=\"line\"><span class=\"cl\"><span class=\"nt\">&lt;\/VirtualHost&gt;<\/span>\n<\/span><\/span><\/code><\/pre>\n<\/div>\n<p>\u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0628\u0627\u0644\u0627 HTTPS \u0631\u0627 \u0645\u062c\u0628\u0648\u0631 \u0645\u06cc\u200c\u06a9\u0646\u062f \u0648 \u0627\u0632 www \u0628\u0647 \u0646\u0633\u062e\u0647 \u063a\u06cc\u0631www \u0647\u062f\u0627\u06cc\u062a \u0645\u06cc\u200c\u06a9\u0646\u062f.  \u0647\u0645\u0686\u0646\u06cc\u0646 HTTP\/2 \u0631\u0627 \u0641\u0639\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0633\u0627\u06cc\u062a \u0634\u0645\u0627 \u0631\u0627 \u0633\u0631\u06cc\u0639\u062a\u0631 \u0648 \u0642\u0648\u06cc \u062a\u0631 \u0645\u06cc \u06a9\u0646\u062f.  \u0628\u0647 \u0631\u0627\u062d\u062a\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627 \u0645\u0637\u0627\u0628\u0642 \u0628\u0627 \u0646\u06cc\u0627\u0632 \u062e\u0648\u062f \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0646\u06cc\u062f.<\/p>\n<p>\u0633\u0631\u0648\u06cc\u0633 \u0622\u067e\u0627\u0686\u06cc \u0631\u0627 \u0645\u062c\u062f\u062f\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo systemctl restart httpd<\/code><\/pre>\n<p>\u0627\u06a9\u0646\u0648\u0646 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0648\u0628 \u0633\u0627\u06cc\u062a \u062e\u0648\u062f \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0646 \u0628\u0627\u0632 \u06a9\u0646\u06cc\u062f <code>https:\/\/<\/code>\u0648 \u06cc\u06a9 \u0646\u0645\u0627\u062f \u0642\u0641\u0644 \u0633\u0628\u0632 \u0631\u0646\u06af \u0631\u0627 \u0645\u0634\u0627\u0647\u062f\u0647 \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f.<\/p>\n<p>\u0627\u06af\u0631 \u062f\u0627\u0645\u0646\u0647 \u062e\u0648\u062f \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 <a href=\"https:\/\/www.ssllabs.com\/ssltest\/\" target=\"_blank\" rel=\"noopener\">\u062a\u0633\u062a \u0633\u0631\u0648\u0631 SSL Labs<\/a><br \/>\n\u060c \u0647\u0645\u0627\u0646\u0637\u0648\u0631 \u06a9\u0647 \u062f\u0631 \u0632\u06cc\u0631 \u0646\u0634\u0627\u0646 \u062f\u0627\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0646\u0645\u0631\u0647 A+ \u062f\u0631\u06cc\u0627\u0641\u062a \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f:<\/p>\n<figure class=\"relative\">\n<div class=\"relative block w-full mx-auto my-0\">\n<div class=\"bg-gray-100 absolute inset-0 w-full h-full m-auto overflow-hidden\"><img decoding=\"async\" class=\"absolute inset-0 w-full h-full m-auto\" loading=\"lazy\" src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2023\/12\/1703672287_432_Apache-\u0631\u0627-\u0628\u0627-Lets-Encrypt-\u0631\u0648\u0634\u0646-\u06a9\u0646\u06cc\u062f-CentOS-8.jpg\" alt=\"\u062a\u0633\u062a SSLLABS\" title=\"\"><\/div>\n<\/div>\n<\/figure>\n<h2 id=\"auto-renewing-lets-encrypt-ssl-certificate\"><span class=\"ez-toc-section\" id=\"%d8%aa%d9%85%d8%af%db%8c%d8%af_%d8%ae%d9%88%d8%af%da%a9%d8%a7%d8%b1_%da%af%d9%88%d8%a7%d9%87%db%8c%d9%86%d8%a7%d9%85%d9%87_lets_encrypt_ssl\"><\/span>\u062a\u0645\u062f\u06cc\u062f \u062e\u0648\u062f\u06a9\u0627\u0631 \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 Let&#8217;s Encrypt SSL <span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc Let&#8217;s Encrypt \u0628\u0647 \u0645\u062f\u062a 90 \u0631\u0648\u0632 \u0645\u0639\u062a\u0628\u0631 \u0647\u0633\u062a\u0646\u062f.  \u0628\u0631\u0627\u06cc \u062a\u0645\u062f\u06cc\u062f \u062e\u0648\u062f\u06a9\u0627\u0631 \u06af\u0648\u0627\u0647\u06cc\u200c\u0647\u0627 \u0642\u0628\u0644 \u0627\u0632 \u0627\u0646\u0642\u0636\u0627\u060c \u06cc\u06a9 cronjob \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc\u200c\u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u062f\u0648 \u0628\u0627\u0631 \u062f\u0631 \u0631\u0648\u0632 \u0627\u062c\u0631\u0627 \u0645\u06cc\u200c\u0634\u0648\u062f \u0648 \u0647\u0631 \u06af\u0648\u0627\u0647\u06cc \u0631\u0627 30 \u0631\u0648\u0632 \u0642\u0628\u0644 \u0627\u0632 \u0627\u0646\u0642\u0636\u0627 \u0628\u0647 \u0637\u0648\u0631 \u062e\u0648\u062f\u06a9\u0627\u0631 \u062a\u0645\u062f\u06cc\u062f \u0645\u06cc\u200c\u06a9\u0646\u062f.<\/p>\n<p>\u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 cronjob \u062c\u062f\u06cc\u062f \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u06af\u0648\u0627\u0647\u06cc \u0631\u0627 \u062a\u0645\u062f\u06cc\u062f \u0645\u06cc \u06a9\u0646\u062f \u0648 Apache \u0631\u0627 \u0645\u062c\u062f\u062f\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0645\u06cc \u06a9\u0646\u062f:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">echo \"0 0,12 * * * root python3 -c 'import random; import time; time.sleep(random.random() * 3600)' &amp;&amp; \/usr\/local\/bin\/certbot-auto -q renew --renew-hook \\\"systemctl reload httpd\\\"\" | sudo tee -a \/etc\/crontab &gt; \/dev\/null<\/code><\/pre>\n<p>\u0628\u0631\u0627\u06cc \u062a\u0633\u062a \u062a\u0645\u062f\u06cc\u062f process\u060c \u0627\u0632 \u062f\u0633\u062a\u0648\u0631 certbot \u0628\u0647 \u062f\u0646\u0628\u0627\u0644 \u0622\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f <code>--dry-run<\/code> \u062a\u0639\u0648\u06cc\u0636:<\/p>\n<pre class=\"terminal\"><code class=\"terminal-line\" prefix=\"$\">sudo \/usr\/local\/bin\/certbot-auto renew --dry-run<\/code><\/pre>\n<p>\u0627\u06af\u0631 \u062e\u0637\u0627\u06cc\u06cc \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f\u060c \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0639\u0646\u06cc \u0627\u0633\u062a \u06a9\u0647 \u062a\u0645\u062f\u06cc\u062f process \u0645\u0648\u0641\u0642\u06cc\u062a \u0622\u0645\u06cc\u0632 \u0628\u0648\u062f.<\/p>\n<h2 id=\"conclusion\"><span class=\"ez-toc-section\" id=\"%d9%86%d8%aa%db%8c%d8%ac%d9%87\"><\/span>\u0646\u062a\u06cc\u062c\u0647 <span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u062f\u0631 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634\u060c \u062f\u0631 \u0645\u0648\u0631\u062f \u0631\u0648\u0634 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 certbot \u06a9\u0644\u0627\u06cc\u0646\u062a Let&#8217;s Encrypt \u0628\u0631 \u0631\u0648\u06cc \u0635\u062d\u0628\u062a \u06a9\u0631\u062f\u06cc\u0645 CentOS \u0628\u0631\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 SSL \u0628\u0631\u0627\u06cc \u062f\u0627\u0645\u0646\u0647 \u0647\u0627\u06cc \u062e\u0648\u062f.  \u0645\u0627 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0647 \u0634\u0645\u0627 \u0646\u0634\u0627\u0646 \u062f\u0627\u062f\u0647\u200c\u0627\u06cc\u0645 \u06a9\u0647 \u0686\u06af\u0648\u0646\u0647 \u0622\u067e\u0627\u0686\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06af\u0648\u0627\u0647\u06cc\u200c\u0647\u0627 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0646\u06cc\u062f \u0648 \u06cc\u06a9 cronjob \u0628\u0631\u0627\u06cc \u062a\u0645\u062f\u06cc\u062f \u062e\u0648\u062f\u06a9\u0627\u0631 \u06af\u0648\u0627\u0647\u06cc \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0646\u06cc\u062f.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u06a9\u0633\u0628 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u0645\u0648\u0631\u062f \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a Certbot\u060c \u0628\u0647 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f <a href=\"https:\/\/certbot.eff.org\/docs\/\" target=\"_blank\" rel=\"noopener\">\u0627\u0633\u0646\u0627\u062f Certbot<\/a><br \/>\n.<\/p>\n<p>\u0627\u06af\u0631 \u0633\u0648\u0627\u0644 \u06cc\u0627 \u0628\u0627\u0632\u062e\u0648\u0631\u062f\u06cc \u062f\u0627\u0631\u06cc\u062f\u060c \u062f\u0631 \u06a9\u0627\u0645\u0646\u062a \u0628\u06af\u0630\u0627\u0631\u06cc\u062f.<\/p>\n<div class=\"flex flex-wrap my-8\">apache centos \u0628\u06cc\u0627\u06cc\u06cc\u062f certbot ssl \u0631\u0627 \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u06a9\u0646\u06cc\u0645<\/div>\n<div class=\"p-6 my-8 bg-teal-100 markdown\">\n<p class=\"text-base\">\u0627\u06cc\u0646 \u067e\u0633\u062a \u0628\u062e\u0634\u06cc \u0627\u0632 <span class=\"font-medium\">LAMP Stack \u0631\u0627 \u0631\u0648\u0634\u0646 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f CentOS 8<\/span> \u0633\u0644\u0633\u0644\u0647.<br \/>\u0633\u0627\u06cc\u0631 \u067e\u0633\u062a \u0647\u0627\u06cc \u0627\u06cc\u0646 \u0645\u062c\u0645\u0648\u0639\u0647:<\/p>\n<div class=\"flex justify-between\">\n<div class=\"markdown text-base\"><span class=\"mr-2\">\u2022<\/span><br \/>\n\u0631\u0648\u0634 \u0646\u0635\u0628 \u0622\u067e\u0627\u0686\u06cc \u0631\u0648\u06cc CentOS 8<\/div>\n<div class=\"hidden sm:block\"><time class=\"text-sm\" datetime=\"2019-10-12T19:28:17+01:00\">12 \u0627\u06a9\u062a\u0628\u0631 2019<\/time><\/div>\n<\/div>\n<div class=\"flex justify-between\">\n<div class=\"markdown text-base\"><span class=\"mr-2\">\u2022<\/span><br \/>\n\u0631\u0648\u0634 \u0646\u0635\u0628 MySQL \u0631\u0648\u06cc CentOS 8<\/div>\n<div class=\"hidden sm:block\"><time class=\"text-sm\" datetime=\"2019-10-17T12:24:10+01:00\">17 \u0627\u06a9\u062a\u0628\u0631 2019<\/time><\/div>\n<\/div>\n<div class=\"flex justify-between\">\n<div class=\"markdown text-base\"><span class=\"mr-2\">\u2022<\/span><br \/>\n\u0631\u0648\u0634 \u0646\u0635\u0628 PHP \u0631\u0648\u06cc CentOS 8<\/div>\n<div class=\"hidden sm:block\"><time class=\"text-sm\" datetime=\"2019-10-18T21:34:18+01:00\">18 \u0627\u06a9\u062a\u0628\u0631 2019<\/time><\/div>\n<\/div>\n<div class=\"flex justify-between\">\n<div class=\"markdown text-base\"><span class=\"mr-2\">\u2022<\/span><br \/>\nApache \u0631\u0627 \u0628\u0627 Let&#8217;s Encrypt \u0631\u0648\u0634\u0646 \u06a9\u0646\u06cc\u062f CentOS 8<\/div>\n<div class=\"hidden sm:block\"><time class=\"text-sm\" datetime=\"2019-10-28T21:54:10+01:00\">28 \u0627\u06a9\u062a\u0628\u0631 2019<\/time><\/div>\n<\/div>\n<div class=\"flex justify-between\">\n<div class=\"markdown text-base\"><span class=\"mr-2\">\u2022<\/span><br \/>\n\u0631\u0648\u0634 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0647\u0627\u0633\u062a \u0645\u062c\u0627\u0632\u06cc \u0622\u067e\u0627\u0686\u06cc CentOS 8<\/div>\n<div class=\"hidden sm:block\"><time class=\"text-sm\" datetime=\"2020-03-03T20:11:00+01:00\">3 \u0645\u0627\u0631\u0633 2020<\/time><\/div>\n<\/div>\n<\/div>\n<\/div>\n\n<div>\u0628\u0631\u0627\u06cc \u0646\u06af\u0627\u0631\u0634 \u0628\u062e\u0634\u0647\u0627\u06cc\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0645\u062a\u0646 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0627\u0632 \u062a\u0631\u062c\u0645\u0647 \u0645\u0627\u0634\u06cc\u0646\u06cc \u06cc\u0627 \u0647\u0648\u0634 \u0645\u0635\u0646\u0648\u0639\u06cc GPT \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u062f\u0647 \u0628\u0627\u0634\u062f <br \/>\n\u0644\u0637\u0641\u0627 \u062f\u0631 \u0635\u0648\u0631\u062a \u0648\u062c\u0648\u062f \u0645\u0634\u06a9\u0644 \u062f\u0631 \u0645\u062a\u0646 \u06cc\u0627 \u0645\u0641\u0647\u0648\u0645 \u0646\u0628\u0648\u062f\u0646 \u062a\u0648\u0636\u06cc\u062d\u0627\u062a\u060c \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u06a9\u0645\u0647 \u06af\u0632\u0627\u0631\u0634 \u0646\u0648\u0634\u062a\u0627\u0631 \u06cc\u0627 \u062f\u0631\u062c \u0646\u0638\u0631 \u0631\u0648\u06cc \u0627\u06cc\u0646 \u0645\u0637\u0644\u0628 \u0645\u0627 \u0631\u0627 \u0627\u0632 \u062c\u0632\u06cc\u06cc\u0627\u062a \u0645\u0634\u06a9\u0644 \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0645\u0637\u0644\u0639 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0647 \u0622\u0646 \u0631\u0633\u06cc\u062f\u06af\u06cc \u06a9\u0646\u06cc\u0645\n<\/div>\n<p>\u0632\u0645\u0627\u0646 \u0627\u0646\u062a\u0634\u0627\u0631: 1402-12-27 13:48:02<br \/>\n<\/p>\n\n\n<div class=\"kk-star-ratings kksr-auto kksr-align-center kksr-valign-bottom\"\n    data-payload='{&quot;align&quot;:&quot;center&quot;,&quot;id&quot;:&quot;10127&quot;,&quot;slug&quot;:&quot;default&quot;,&quot;valign&quot;:&quot;bottom&quot;,&quot;ignore&quot;:&quot;&quot;,&quot;reference&quot;:&quot;auto&quot;,&quot;class&quot;:&quot;&quot;,&quot;count&quot;:&quot;0&quot;,&quot;legendonly&quot;:&quot;&quot;,&quot;readonly&quot;:&quot;&quot;,&quot;score&quot;:&quot;0&quot;,&quot;starsonly&quot;:&quot;&quot;,&quot;best&quot;:&quot;5&quot;,&quot;gap&quot;:&quot;5&quot;,&quot;greet&quot;:&quot;\u0627\u0645\u062a\u06cc\u0627\u0632 \u0634\u0645\u0627 \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0637\u0644\u0628&quot;,&quot;legend&quot;:&quot;0\\\/5 (0 \u0631\u0627\u06cc)&quot;,&quot;size&quot;:&quot;30&quot;,&quot;title&quot;:&quot;Apache \u0631\u0627 \u0628\u0627 Let\\u0026#039;s Encrypt \u0631\u0648\u0634\u0646 \u06a9\u0646\u06cc\u062f CentOS 8&quot;,&quot;width&quot;:&quot;0&quot;,&quot;_legend&quot;:&quot;{score}\\\/{best} ({count} \u0631\u0627\u06cc)&quot;,&quot;font_factor&quot;:&quot;1.25&quot;}'>\n            \n<div class=\"kksr-stars\">\n    \n<div class=\"kksr-stars-inactive\">\n            <div class=\"kksr-star\" data-star=\"1\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n            <div class=\"kksr-star\" data-star=\"2\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n            <div class=\"kksr-star\" data-star=\"3\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n            <div class=\"kksr-star\" data-star=\"4\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n            <div class=\"kksr-star\" data-star=\"5\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n    <\/div>\n    \n<div class=\"kksr-stars-active\" style=\"width: 0px;\">\n            <div class=\"kksr-star\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n            <div class=\"kksr-star\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n            <div class=\"kksr-star\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n            <div class=\"kksr-star\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n            <div class=\"kksr-star\" style=\"padding-left: 5px\">\n            \n\n<div class=\"kksr-icon\" style=\"width: 30px; height: 30px;\"><\/div>\n        <\/div>\n    <\/div>\n<\/div>\n                \n\n<div class=\"kksr-legend\" style=\"font-size: 24px;\">\n            <span class=\"kksr-muted\">\u0627\u0645\u062a\u06cc\u0627\u0632 \u0634\u0645\u0627 \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0637\u0644\u0628<\/span>\n    <\/div>\n    <\/div>\n","protected":false},"excerpt":{"rendered":"<p><span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">\u0632\u0645\u0627\u0646 \u0644\u0627\u0632\u0645 \u0628\u0631\u0627\u06cc \u0645\u0637\u0627\u0644\u0639\u0647: <\/span> <span class=\"rt-time\"> 5<\/span> <span class=\"rt-label rt-postfix\">\u062f\u0642\u06cc\u0642\u0647<\/span><\/span>Let&#8217;s Encrypt \u06cc\u06a9 \u0645\u0631\u062c\u0639 \u06af\u0648\u0627\u0647\u06cc \u0631\u0627\u06cc\u06af\u0627\u0646\u060c \u062e\u0648\u062f\u06a9\u0627\u0631 \u0648 \u0628\u0627\u0632 \u0627\u0633\u062a \u06a9\u0647 \u062a\u0648\u0633\u0637 \u06af\u0631\u0648\u0647 \u062a\u062d\u0642\u06cc\u0642\u0627\u062a\u06cc \u0627\u0645\u0646\u06cc\u062a \u0627\u06cc\u0646\u062a\u0631\u0646\u062a (ISRG) \u062a\u0648\u0633\u0639\u0647 \u06cc\u0627\u0641\u062a\u0647 \u0648 \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc SSL \u0631\u0627\u06cc\u06af\u0627\u0646 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f. \u06af\u0648\u0627\u0647\u06cc\u200c\u0647\u0627\u06cc \u0635\u0627\u062f\u0631 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 Let&#8217;s Encrypt \u0645\u0648\u0631\u062f \u0627\u0639\u062a\u0645\u0627\u062f \u0647\u0645\u0647 \u0645\u0631\u0648\u0631\u06af\u0631\u0647\u0627\u06cc \u0627\u0635\u0644\u06cc \u0647\u0633\u062a\u0646\u062f \u0648 90 \u0631\u0648\u0632 \u0627\u0632 \u062a\u0627\u0631\u06cc\u062e \u0635\u062f\u0648\u0631 \u0627\u0639\u062a\u0628\u0627\u0631 \u062f\u0627\u0631\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0631\u0648\u0634 \u0646\u0635\u0628 \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 \u0631\u0627\u06cc\u06af\u0627\u0646 Let&#8217;s Encrypt [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":10128,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[202,95],"tags":[2608,2642,918,2534,180,2607,2529,171,2539,2646,2644,2645,2643,1845],"class_list":["post-10127","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-os","category-linux","tag-certbot","tag-lamp-stack-----centos-8","tag-ssl","tag-vps-","tag-180","tag-2607","tag-2529","tag-171","tag-2539","tag-------centos-8","tag---mysql--centos-8","tag---php--centos-8","tag-----centos-8","tag-1845"],"acf":[],"_links":{"self":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts\/10127","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/comments?post=10127"}],"version-history":[{"count":0,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts\/10127\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/media\/10128"}],"wp:attachment":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/media?parent=10127"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/categories?post=10127"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/tags?post=10127"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}