前置条件 : 已经购买或租用的域名

操作步骤

1. 打开申请页面
2. 然后按照顺序填写上面的内容
3. 然后就签发成功了

好了下面是具体的步骤

操作步骤

1. 打开页面

2. 步骤一选择Let's Encrypt

3. 步骤二域名填写你的域名

4. 证书私钥填写下面的证书私钥或者自己生成RSA2048的私钥也行

5. ACME账户私钥填写下面的账户私钥或者自己生成RSA2048的私钥也行

6. 邮箱填写自己的邮箱

7. 然后确认之后进入第二步

8. 域名管理添加子域名和text记录

9. 验证通过之后下载key文件和证书文件
   10.然后就可以得到一个服务器站点证书了

10. 需要pfx的可以通过工具将私钥和证书合并成pfx

更新证书时步骤和上面一致
可以将账户私钥进行保存,方便更新使用

生成pfx

package com.example.pfx;import com.example.demo.cipher.util.PfxUtil;import org.bouncycastle.util.encoders.Base64;import org.bouncycastle.util.encoders.Hex;import org.junit.jupiter.api.Test;import java.security.PrivateKey;import java.security.cert.Certificate;/** * @author lidg * @date 2023/9/11 12:08 * @desc */public class PfxTest {    @Test    public void genPfxTest() throws Exception {        // 上面的证书私钥,p8格式的私钥        String privateKeyStr = "";        // 签发出来的证书        String cert = "";        // pfx的保护密码        String passwd = "12345678";        // 解析私钥        PrivateKey privateKey = PfxUtil.parsePrivateKey(Base64.decode(privateKeyStr));        //  解析证书        Certificate certificate = PfxUtil.parseCert(Base64.decode(cert));        // 生成pfx        PfxUtil.genPfx(privateKey, certificate, passwd, "myPfx.pfx");    }}

PfxUtil.java

/** * @author lidg * @date 2023/9/11 14:39 * @desc */public class PfxUtil {    static {        // 注册bc库        Security.addProvider(new BouncyCastleProvider());    }    public static void genPfx(PrivateKey privateKey, Certificate certificate, String pwd, String outPath) throws Exception {        try (FileOutputStream fos = new FileOutputStream(outPath)) {            // 创建一个密钥存储对象，指定类型为PKCS#12            KeyStore keyStore = KeyStore.getInstance("PKCS12");            // 初始化密钥存储对象并设置口令            keyStore.load(null, null);            // 将私钥、公钥和证书添加到密钥存储对象中，指定别名和口令            // 指定一个别名            String alias = "myAlias";            keyStore.setKeyEntry(alias, privateKey, pwd.toCharArray(), new Certificate[]{certificate});            // 将密钥存储对象保存到文件或输出流中            keyStore.store(fos, pwd.toCharArray());        } catch (Exception e) {            throw new Exception("构造pfx失败", e);        }    }                public static PrivateKey parsePrivateKey(byte[] p8PrivateBytes) throws Exception {        // 创建一个私钥规范对象        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(p8PrivateBytes);        // 创建一个密钥工厂对象        KeyFactory keyFactory = KeyFactory.getInstance("RSA");        // 生成一个私钥对象        PrivateKey privateKey = keyFactory.generatePrivate(keySpec);        // 返回私钥对象        return privateKey;    }    public static Certificate parseCert(byte[] x509CertBytes){        try {            // 创建一个证书工厂对象，指定类型为X.509            CertificateFactory cf = CertificateFactory.getInstance("X.509");            // 生成一个证书对象            Certificate certificate = cf.generateCertificate(new ByteArrayInputStream(x509CertBytes));            // 返回证书对象            return certificate;        } catch (CertificateException e) {            System.out.println("解析失败");            throw new RuntimeException(e);        }    }}

站点证书密钥对： RSA2048

-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1k/AMic9LR2GfyVUc1NUYpVEjnXf+UiI6EDSZVbsyAUmh9mSACIR+4UyyfUUaxHTzyUG7RtuNKVGGEx6dCg5VKBoid9XfpeGJP7TEhYGBHqhGCv86yrStxsFojHO1HcEP5Gs0lXGZgDH7s6/NLO+KaCLu1MV4z7JBy/izl8nykBGUO2cykaY4j/4oGToC7Fgj8i8og72OcTZtGmwba76eMgux/IW9poHyhl/EF/mjSs+FQhvFkY4egGNk8g36Rp3bLI4YGWGXnc3UwRLGTL1D1vTjxcgd3ABf33joHMznkfuOnCMpkFxXgJo9S4BUrlPNnGSN2zX3Tzn4CWe23vQQIDAQAB-----END PUBLIC KEY----------BEGIN PRIVATE KEY-----MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCfWT8AyJz0tHYZ/JVRzU1RilUSOdd/5SIjoQNJlVuzIBSaH2ZIAIhH7hTLJ9RRrEdPPJQbtG240pUYYTHp0KDlUoGiJ31d+l4Yk/tMSFgYEeqEYK/zrKtK3GwWiMc7UdwQ/kazSVcZmAMfuzr80s74poIu7UxXjPskHL+LOXyfKQEZQ7ZzKRpjiP/igZOgLsWCPyLyiDvY5xNm0abBtrvp4yC7H8hb2mgfKGX8QX+aNKz4VCG8WRjh6AY2TyDfpGndssjhgZYZedzdTBEsZMvUPW9OPFyB3cAF/feOgczOeR+46cIymQXFeAmj1LgFSuU82cZI3bNfdPOfgJZ7be9BAgMBAAECggEAKwlLfsavvVdP3kzddy5fh3o456c/kIct5TmDTchM79/mMInycdfS9rpSW1vyd+xzhe7ygVkFmTkmk2MMu/1gtw7FfCn2Lf+EklbFNCEFydps4DvMyZ8E1D8b4iomxNqi+OPz7FAOehcYIOXMVKQKyhUOa+YjDDJDUcmB4fQwuDtJr7YU29rRNK+2of5bnxofW4Yn+oMDTzt5PpHeIgQu84sDJa102du7ADdbCch1togCn41fuLODFkxuG1sPyGNA82gVLe4w8ssQsR2hC8E4qfJFuWDVcFVSfiFrqX+t4NzE6Ls2Yn6RqvJIdc1dRzqM5WS+qp0J4s8UAGx7Fq/3AQKBgQDP8GWiIhzhswLfBMMytVRlQ3P6qp+0LH/C8/xE1dUb6XYzzHV+ZK3Sa8anJdDIuAs429T7z6vKwFKON6RsfuxYnwdyrwSh5x2Dx84vhkaRXAiTt+iJM30SGjHICJGluk6gAR5/JH0iFVy0o0eqkaLq7jG/jQDTXDiDyIacyImvyQKBgQDELcnSkUT1wrv/3X94CZsMkN2BBJT2uAy1mqY42O4Mp1x00brbL83PF33Qo9N6GCv7fnEof3YdzDMc0kbOA8NUUODI1TztPXfkvR3QY38RhYcv//zyeNwY128/Y/zjrAzLbQvH60R//C8vKjyXmK9D9H9azb5hFcsBDunXZ2gvuQKBgG3c87XAFEZjUEcIuyFVkOuXwfVUpOCLCk20nzq3R8thhCRGCGXpR7V/YAv7/N2v763w6AzLYlbTWkrttx/jx3fjPgon0mjANWXk8VlGto4idB2n82JaI+Cmmlq3vEw1rUj4jmZanwqdAsgl5L2ICO3bP8mW9DK37Nwj3IuFoMmRAoGBAMD7Xf8Coniz8KZZaOxXXqv00cD6FePB19bJ49wmIb5W4I+WRR8bHnUq4bxdfEot/w4uKviwsivL1Tfz7mz4rKyDxywo//9MqWVdWDfHuJcu6Haidly74Z+aRbhxDrOUax2uDpnCaScRmATooqRqMXdCzAkyPaZZftJyrjwUYBwZAoGARab2YQ/HRd6wjT7fJ72OJtAdGm/7xSq628uGu+YXPPq/R8+VW0vqlMBPBN35VXUl2oAIp0vFcpbY8GQ+3hVlmOdQ/dwxoo90D2MvzicR+hoR2RxLosFPGqdDxYvtW26bpgRRXTBmo9/aOoHOKHSXsfmHpX0Ylk8MXWwnK4skbWI=-----END PRIVATE KEY-----

ACME账户密钥对

-----BEGIN PRIVATE KEY-----MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCcaXPAa/uf9z+3bCY9pxEStavGZTcy/1+uTzMSBEryuuCP6C/DlhALZu42Pz7id3ZB5smMvIaZNkUzEl3mT/Du0j9HXAmEfd3sheniBE2dagewvdO24/0pg6V/QwtqVmxGvcxTZZ5Gi5ZEVKTmLiFVSZTTraEZEORw3nQKgS29mvGaPsi7A51XjOzJFQHCn7IJRk9rwZ+tx5AhFwy3/9cblsLeMM6HeE8EkH9NLfQbbXyJ/I8oYWU58eWLXFOuoSFRJ1Pi3JCXbWtCu4QwzhDnEzJsw1pk7E/EobZGsntjbPSie/AOKjOH/72UD23wvnqadfSa8EbpzCC3m7oVmu/hAgMBAAECggEATDUI47j5CVCTJ9A2tZU/uUjwn6JTCbLpMGmALYgP6EHrBdKP6xCjUprc92tLPVYNNUC39K0qO134y1Bolb1fW0zu7drG/FnDFemNMcT89/RgONnUXGiqwV5V9TJ6Tl47NSBmfD+npSF/nl1LVqclMIPAUn5nXmofk2qfSTr1SUqA6kSj0w8KMsvwZ/IvXLNBqLSEHsqtVThmrm8kLHB8nwCEjFggIxjmuT2Iz3zCwb1wxdBiRcKEBakvnyD/+EBvoTjf1zMt76CYO9kLXvp/7HHsr/aGKLP+Bw149t0w7KNXK0gmkbF0BJk1J0a4K2DcfgohcxtlT1uCb/6GtR9B7QKBgQDKEmiZQejixHIUT37hw8UO2PP5z/T27OKUFWNEaya0ec3rUhjtsoX1dZi6YRWiNw0X/ZtUQIREUIHWvkIDJhs0QTZwUYljcP6J155YawSCm/sRAREEde9Y5MYoox1rp4enfFIvecE98tp06rc5ybvVmlPoDSxpFgEppixDysiOFwKBgQDGJ4tqXMnXICC6ihCy5a7N103k7FOjIlrQvuPbcuak2EbktGgkuns24e/Kp4jbSdFUA8GGaVAGq3yJ2RVqTICitGVCZUMBIPYJfkfzEO80rz9Xj/UFwkQ5YrAPMhabQpuqBC7qpc6tTF70RIUpPXVfebPAVN4eqkPFb+MpdRjkxwKBgGwLv8YCieWGqIDXqL5KkTlJI9r1KMRHETeg3/0bVgy1/DbRJOcjx6DhihJOCuU7jlK/lahM/uwQJ/yMqntIis8790HDNzTmnBNUKSSZxEWZ5XrIGTNLY/kiChp8bSS85TnWrZMZBQx8p/ZP8jyB819ZL3gqYw6lZ2W/pndxHB9tAoGANW3eOpywU9A24vVtUT97JceDGlHar2cJA7Yk7DwMErC6VNqMJjMeHAtJw+Puk+pQhg3JNbvZtyKwHt8o1hOwr65ii0eQjJJdpOum7NRJG3SRaMPJNndOPAbvH/nKfKy2Gl6sY9q3YqTwCX8cRKVsq4S+QgLgLXaNdYQYxUnsn2sCgYAo0HZD/gGSkXpnd4AX9o5okKd9axVzD7dR/jjduxI9RgXcgjnyw8znHBLlsaOUYezaQ+wveHv+vWRtiB1wsvsF1zu601485CYZ0iG06E9TdyBbt2VC3NTP5KNsfTBE7LHpK1XPtKByeuKawiEB07MbII1esRSxKgKzNdFE2mQF+g==-----END PRIVATE KEY-----

生成密钥对的网站

扩展
需要注册才能申请ssl证书的网站