前置条件 : 已经购买或租用的域名

操作步骤

1. 打开申请页面
2. 然后按照顺序填写上面的内容
3. 然后就签发成功了

好了下面是具体的步骤

操作步骤

1. 打开页面

2. 步骤一选择Let's Encrypt

3. 步骤二域名填写你的域名

4. 证书私钥填写下面的证书私钥或者自己生成RSA2048的私钥也行

5. ACME账户私钥填写下面的账户私钥或者自己生成RSA2048的私钥也行

6. 邮箱填写自己的邮箱

7. 然后确认之后进入第二步

8. 域名管理添加子域名和text记录

9. 验证通过之后下载key文件和证书文件
   10.然后就可以得到一个服务器站点证书了

10. 需要pfx的可以通过工具将私钥和证书合并成pfx

更新证书时步骤和上面一致
可以将账户私钥进行保存,方便更新使用

生成pfx

package com.example.pfx;  import com.example.demo.cipher.util.PfxUtil; import org.bouncycastle.util.encoders.Base64; import org.bouncycastle.util.encoders.Hex; import org.junit.jupiter.api.Test;  import java.security.PrivateKey; import java.security.cert.Certificate;  /**  * @author lidg  * @date 2023/9/11 12:08  * @desc  */ public class PfxTest {      @Test     public void genPfxTest() throws Exception {         // 上面的证书私钥,p8格式的私钥         String privateKeyStr = "";         // 签发出来的证书         String cert = "";         // pfx的保护密码         String passwd = "12345678";         // 解析私钥         PrivateKey privateKey = PfxUtil.parsePrivateKey(Base64.decode(privateKeyStr));         //  解析证书         Certificate certificate = PfxUtil.parseCert(Base64.decode(cert));         // 生成pfx         PfxUtil.genPfx(privateKey, certificate, passwd, "myPfx.pfx");      }  } 

PfxUtil.java

/**  * @author lidg  * @date 2023/9/11 14:39  * @desc  */ public class PfxUtil {       static {         // 注册bc库         Security.addProvider(new BouncyCastleProvider());     }      public static void genPfx(PrivateKey privateKey, Certificate certificate, String pwd, String outPath) throws Exception {         try (FileOutputStream fos = new FileOutputStream(outPath)) {             // 创建一个密钥存储对象，指定类型为PKCS#12             KeyStore keyStore = KeyStore.getInstance("PKCS12");             // 初始化密钥存储对象并设置口令             keyStore.load(null, null);             // 将私钥、公钥和证书添加到密钥存储对象中，指定别名和口令             // 指定一个别名             String alias = "myAlias";             keyStore.setKeyEntry(alias, privateKey, pwd.toCharArray(), new Certificate[]{certificate});             // 将密钥存储对象保存到文件或输出流中             keyStore.store(fos, pwd.toCharArray());         } catch (Exception e) {             throw new Exception("构造pfx失败", e);         }     }                   public static PrivateKey parsePrivateKey(byte[] p8PrivateBytes) throws Exception {          // 创建一个私钥规范对象         PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(p8PrivateBytes);         // 创建一个密钥工厂对象         KeyFactory keyFactory = KeyFactory.getInstance("RSA");         // 生成一个私钥对象         PrivateKey privateKey = keyFactory.generatePrivate(keySpec);         // 返回私钥对象         return privateKey;     }      public static Certificate parseCert(byte[] x509CertBytes){         try {             // 创建一个证书工厂对象，指定类型为X.509             CertificateFactory cf = CertificateFactory.getInstance("X.509");             // 生成一个证书对象             Certificate certificate = cf.generateCertificate(new ByteArrayInputStream(x509CertBytes));             // 返回证书对象             return certificate;         } catch (CertificateException e) {             System.out.println("解析失败");             throw new RuntimeException(e);         }     }   }  

站点证书密钥对： RSA2048

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1k/AMic9LR2GfyVUc1N UYpVEjnXf+UiI6EDSZVbsyAUmh9mSACIR+4UyyfUUaxHTzyUG7RtuNKVGGEx6dCg 5VKBoid9XfpeGJP7TEhYGBHqhGCv86yrStxsFojHO1HcEP5Gs0lXGZgDH7s6/NLO +KaCLu1MV4z7JBy/izl8nykBGUO2cykaY4j/4oGToC7Fgj8i8og72OcTZtGmwba7 6eMgux/IW9poHyhl/EF/mjSs+FQhvFkY4egGNk8g36Rp3bLI4YGWGXnc3UwRLGTL 1D1vTjxcgd3ABf33joHMznkfuOnCMpkFxXgJo9S4BUrlPNnGSN2zX3Tzn4CWe23v QQIDAQAB -----END PUBLIC KEY-----   -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCfWT8AyJz0tHYZ /JVRzU1RilUSOdd/5SIjoQNJlVuzIBSaH2ZIAIhH7hTLJ9RRrEdPPJQbtG240pUY YTHp0KDlUoGiJ31d+l4Yk/tMSFgYEeqEYK/zrKtK3GwWiMc7UdwQ/kazSVcZmAMf uzr80s74poIu7UxXjPskHL+LOXyfKQEZQ7ZzKRpjiP/igZOgLsWCPyLyiDvY5xNm 0abBtrvp4yC7H8hb2mgfKGX8QX+aNKz4VCG8WRjh6AY2TyDfpGndssjhgZYZedzd TBEsZMvUPW9OPFyB3cAF/feOgczOeR+46cIymQXFeAmj1LgFSuU82cZI3bNfdPOf gJZ7be9BAgMBAAECggEAKwlLfsavvVdP3kzddy5fh3o456c/kIct5TmDTchM79/m MInycdfS9rpSW1vyd+xzhe7ygVkFmTkmk2MMu/1gtw7FfCn2Lf+EklbFNCEFydps 4DvMyZ8E1D8b4iomxNqi+OPz7FAOehcYIOXMVKQKyhUOa+YjDDJDUcmB4fQwuDtJ r7YU29rRNK+2of5bnxofW4Yn+oMDTzt5PpHeIgQu84sDJa102du7ADdbCch1togC n41fuLODFkxuG1sPyGNA82gVLe4w8ssQsR2hC8E4qfJFuWDVcFVSfiFrqX+t4NzE 6Ls2Yn6RqvJIdc1dRzqM5WS+qp0J4s8UAGx7Fq/3AQKBgQDP8GWiIhzhswLfBMMy tVRlQ3P6qp+0LH/C8/xE1dUb6XYzzHV+ZK3Sa8anJdDIuAs429T7z6vKwFKON6Rs fuxYnwdyrwSh5x2Dx84vhkaRXAiTt+iJM30SGjHICJGluk6gAR5/JH0iFVy0o0eq kaLq7jG/jQDTXDiDyIacyImvyQKBgQDELcnSkUT1wrv/3X94CZsMkN2BBJT2uAy1 mqY42O4Mp1x00brbL83PF33Qo9N6GCv7fnEof3YdzDMc0kbOA8NUUODI1TztPXfk vR3QY38RhYcv//zyeNwY128/Y/zjrAzLbQvH60R//C8vKjyXmK9D9H9azb5hFcsB DunXZ2gvuQKBgG3c87XAFEZjUEcIuyFVkOuXwfVUpOCLCk20nzq3R8thhCRGCGXp R7V/YAv7/N2v763w6AzLYlbTWkrttx/jx3fjPgon0mjANWXk8VlGto4idB2n82Ja I+Cmmlq3vEw1rUj4jmZanwqdAsgl5L2ICO3bP8mW9DK37Nwj3IuFoMmRAoGBAMD7 Xf8Coniz8KZZaOxXXqv00cD6FePB19bJ49wmIb5W4I+WRR8bHnUq4bxdfEot/w4u KviwsivL1Tfz7mz4rKyDxywo//9MqWVdWDfHuJcu6Haidly74Z+aRbhxDrOUax2u DpnCaScRmATooqRqMXdCzAkyPaZZftJyrjwUYBwZAoGARab2YQ/HRd6wjT7fJ72O JtAdGm/7xSq628uGu+YXPPq/R8+VW0vqlMBPBN35VXUl2oAIp0vFcpbY8GQ+3hVl mOdQ/dwxoo90D2MvzicR+hoR2RxLosFPGqdDxYvtW26bpgRRXTBmo9/aOoHOKHSX sfmHpX0Ylk8MXWwnK4skbWI= -----END PRIVATE KEY-----  

ACME账户密钥对

-----BEGIN PRIVATE KEY----- MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCcaXPAa/uf9z+3 bCY9pxEStavGZTcy/1+uTzMSBEryuuCP6C/DlhALZu42Pz7id3ZB5smMvIaZNkUz El3mT/Du0j9HXAmEfd3sheniBE2dagewvdO24/0pg6V/QwtqVmxGvcxTZZ5Gi5ZE VKTmLiFVSZTTraEZEORw3nQKgS29mvGaPsi7A51XjOzJFQHCn7IJRk9rwZ+tx5Ah Fwy3/9cblsLeMM6HeE8EkH9NLfQbbXyJ/I8oYWU58eWLXFOuoSFRJ1Pi3JCXbWtC u4QwzhDnEzJsw1pk7E/EobZGsntjbPSie/AOKjOH/72UD23wvnqadfSa8EbpzCC3 m7oVmu/hAgMBAAECggEATDUI47j5CVCTJ9A2tZU/uUjwn6JTCbLpMGmALYgP6EHr BdKP6xCjUprc92tLPVYNNUC39K0qO134y1Bolb1fW0zu7drG/FnDFemNMcT89/Rg ONnUXGiqwV5V9TJ6Tl47NSBmfD+npSF/nl1LVqclMIPAUn5nXmofk2qfSTr1SUqA 6kSj0w8KMsvwZ/IvXLNBqLSEHsqtVThmrm8kLHB8nwCEjFggIxjmuT2Iz3zCwb1w xdBiRcKEBakvnyD/+EBvoTjf1zMt76CYO9kLXvp/7HHsr/aGKLP+Bw149t0w7KNX K0gmkbF0BJk1J0a4K2DcfgohcxtlT1uCb/6GtR9B7QKBgQDKEmiZQejixHIUT37h w8UO2PP5z/T27OKUFWNEaya0ec3rUhjtsoX1dZi6YRWiNw0X/ZtUQIREUIHWvkID Jhs0QTZwUYljcP6J155YawSCm/sRAREEde9Y5MYoox1rp4enfFIvecE98tp06rc5 ybvVmlPoDSxpFgEppixDysiOFwKBgQDGJ4tqXMnXICC6ihCy5a7N103k7FOjIlrQ vuPbcuak2EbktGgkuns24e/Kp4jbSdFUA8GGaVAGq3yJ2RVqTICitGVCZUMBIPYJ fkfzEO80rz9Xj/UFwkQ5YrAPMhabQpuqBC7qpc6tTF70RIUpPXVfebPAVN4eqkPF b+MpdRjkxwKBgGwLv8YCieWGqIDXqL5KkTlJI9r1KMRHETeg3/0bVgy1/DbRJOcj x6DhihJOCuU7jlK/lahM/uwQJ/yMqntIis8790HDNzTmnBNUKSSZxEWZ5XrIGTNL Y/kiChp8bSS85TnWrZMZBQx8p/ZP8jyB819ZL3gqYw6lZ2W/pndxHB9tAoGANW3e OpywU9A24vVtUT97JceDGlHar2cJA7Yk7DwMErC6VNqMJjMeHAtJw+Puk+pQhg3J NbvZtyKwHt8o1hOwr65ii0eQjJJdpOum7NRJG3SRaMPJNndOPAbvH/nKfKy2Gl6s Y9q3YqTwCX8cRKVsq4S+QgLgLXaNdYQYxUnsn2sCgYAo0HZD/gGSkXpnd4AX9o5o kKd9axVzD7dR/jjduxI9RgXcgjnyw8znHBLlsaOUYezaQ+wveHv+vWRtiB1wsvsF 1zu601485CYZ0iG06E9TdyBbt2VC3NTP5KNsfTBE7LHpK1XPtKByeuKawiEB07Mb II1esRSxKgKzNdFE2mQF+g== -----END PRIVATE KEY-----  

生成密钥对的网站

扩展
需要注册才能申请ssl证书的网站