Nginx 原生支援 ACME 協定

Nginx 推出原生支援 ACME Protocol，之後就可以避免忘記更新憑證的問題了~

Nginx 原生支援 ACME 協定

原文：NGINX Introduces Native Support for ACME Protocol

• GitHub：nginx/nginx-acme: An NGINX module with the implementation of the automatic certificate management (ACMEv2) protocol
  • nginx-acme is an NGINX module with the implementation of the automatic certificate management (ACMEv2) protocol.

ACME workflow 有下述四個步驟：(取自上述原文)

1. Setting up the ACME Server # 設定範例：
   • acme_issuer letsencrypt {
uri https://acme-v02.api.letsencrypt.org/directory;
# contact admin@example.test;
state_path /var/cache/nginx/acme-letsencrypt;
accept_terms_of_service;
}
2. Allocating Shared Memory # 設定範例：
   • acme_shared_zone zone=acme_shared:1M;
3. Configuring Challenges
4. Certificate Issue and Renewal # 設定範例：
   • server {
listen 443 ssl;
server_name .example.com;
acme_certificate letsencrypt;
ssl_certificate $acme_certificate;
ssl_certificate_key $acme_certificate_key;
ssl_certificate_cache max=2;
}