1、到官网(https://certbot.eff.org/instructions?ws=webproduct&os=windows)下载 certbot客户端。
2、安装客户端(全部默认安装即可)
3、暂停IIS中的网站
开始菜单中找到并运行"Certbot",输入指令:
certbot certonly --standalone
然后根据提示1输入邮箱、2同意协议、3拒绝推广邮件、4输入域名
正常的话,会提示接收成功,已经保存到xx目录
如果失败:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: xxxxx.com
Type: connection
Detail: 12.34.56.78: Fetching http://xxxxx.com/.well-known/acme-challenge/xxxxxx: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile C:\Certbot\log\letsencrypt.log or re-run Certbot with -v for more details.
如果提示失败,通常是防火墙问题。暂时关闭防火墙,方法:请注意,在进行调试后请记得重新启用防火墙以确保服务器的安全性。
打开 PowerShell 窗口(以管理员身份运行)。你可以在开始菜单中找到 PowerShell,右键点击并选择"以管理员身份运行"。输入以下命令来停用 Windows Defender 防火墙:
netsh advfirewall set allprofiles state off
如果需要启用防火墙,可以使用以下命令:
netsh advfirewall set allprofiles state on
IIS中添加并绑定证书:
添加:
绑定
