//letsencrypt相关命令apt-get updateapt-get install software-properties-commonadd-apt-repository universeadd-apt-repository ppa:certbot/certbotapt-get updateapt-get install certbot python-certbot-nginxcertbot --nginx 自动获取证书并允许自动修改配置文件certbot certonly --webroot -w /var/www/html -d demo.cn 手动获取证书并手动动修改配置文件certbot revoke --cert-path /etc/letsencrypt/live/demo.cn/cert.pem 撤销证书certbot delete --cert-name demo.cn 删除证书certbot certificates 查看所有证书//手动获取证书修改配置文件步骤1.//证书验证location ^~ /.well-known/acme-challenge/ {default_type “text/plain”;root /var/www/html;}location /.well-known/acme-challenge/ {return 404;}2.//执行certbot certonly --webroot -w /var/www/html -d demo.cn3.//修改配置文件引入证书所需公钥、私钥listen 443 ssl;#listen [::]:443 ssl ipv6onlyon;ssl_certificate /etc/letsencrypt/live/demo.cn/fullchain.pem;ssl_certificate_key /etc/letsencrypt/live/demo.cn/privkey.pem;ssl_trusted_certificate /etc/letsencrypt/live/demo.cn/chain.pem;4.//强制跳转httpsserver {if ($host demo.cn) { return 301 https://$host$request_uri; } listen 80; server_name demo.cn; return 404;}