CentOS 7 Nginx Let' s Encrypt SSL 证书安装配置

Let’ s Encrypt 是一个免费的 SSL/TLS 证书发行机构, 证书有效期为90天, 到期前30内可续期, 实现永久免费.

本次安装使用的服务器配置:
DigitaIOcean VPS + CentOS 7 + Nginx 1.9.12

Let’ s Encrypt SSL 证书的的获取并不是像其他网站一样, 在页面上填写资申请证书, 而是需要在域名所在的服务器上安装一个客户端(python写的)去获取证书和续期.

使用 Certbot 客户端

Certbot 客户端是现在官方推荐的客户端

certbot 官网

客户端安装

获取证书

申请过程中要验证绑定的域名是否属于申请人, 其原理就是申请人在域名所在的服务器上申请证书, 然后 Let’ s Encrypt 会访问绑定的域名与客户端通信成功即可通过.

这 个验证的方法有两种, 一种需要停止当前的 web server 服务, 让出 80 端口, 由客户端内置的 web server 启动与 Let’ s Encrypt 通信. 另一种不需要停止当前 web server , 但需要在域名根目录下创建一个临时目录, 并要保证外网通过域名可以访问这个目录.

执行此命令后会生成证书, 保存在 /etc/letsencrypt/live 中对应的域名目录下面, 其实这里面并不是真正的证书文件,而是通过链接的形式链到了 /etc/letsencrypt/archive 中对应的域名目录下.

证书自动续期

renew 参数是官方推荐的续期方式, 使用这个参数会遍历 /etc/letsencrypt/live 下所有的证书, 如果证书在可续期的时间范围内(过期前30天内), 就会申请新的证书并替换原有证书, 否则跳过.

设置定时自动续期

可以将 certbot renew 命令加入到 cron 中定时执行

加入定时任务中

我这里设置为每月28号23点执行此脚本. 更新证书后重启 nginx.

保存退出

 

 

使用官方客户端

客户端安装

Let’ s Encrypt 的客户端托管在 github 上, 每次运行客户端都会先自动升级, 再运行最新的客户端, 所以需要安装 git. 因为是 python 写的程序, 所以需要安装 python.

下载客户端, 放到某路径下

运行一次客户端, 自动检查升级, 请确保内存足够多, 大概要几十兆吧.

如果没什么问题, 会显示帮助文档.

获取证书

通过客户端 web server 获取证书

通过临时目录获取证书

完成上面的操作即可获得 SSL 证书, 保存在 “/etc/letsencrypt/live/根域名/” 目录下, 会产生 4 个文件, 其中3个证书文件, 1个私钥文件. 不要移动证书的位置, 以免续期时出现错误.

证书自动续期

证书续期的命令如下

如果要指定更新某个域名的证书, 则要使用 certonly 参数, 其实和新申请证书时的命令差不多.

通过 cron 运行脚本的方式可以实现定时续期, 官方提供了脚本示例. https://letsencrypt.org/getting-started/ 最下面

最终脚本如下

将这段脚本保存为 letsencrypt-renew.sh

添加可执行权限

编辑 crontab 配置文件或执行 crontab -e 添加 cron 任务

我这里设置为每月28号23点执行此脚本.

保存退出即可.

 

配置 Nginx SSL 证书

找到 SSL 证书对应域名的 Server 段, 修改为如下设置(根据自身需求做调整)

保存配置, 重新加载 Nginx 配置或重启.

到这步, Nginx 的 SSL 证书就配置完成了, 打开浏览器访问网站就会启用 https, 看到绿色安全锁的图标.

规范页面中的链接

如果你发现浏览器中的安全锁上带有叹号, 说明页面中引用到了非 https 的链接, 你可能要花上一点时间来修改这些链接, 如果是本站资源, 可以使用相对地址, 如果是外部资源, 要先看外部资源是否支持 https, 如果支持改为 https 地址即可,如果不支持则要想办法替换为 https 资源或将资源保存到本地并使用相对地址.

CentOS 7 Nginx Let' s Encrypt SSL 证书安装配置》上有14条评论

  1. 你好,博主,我想请教下,为什么我一旦运行./letsencrypt-auto certonly –webroot –renew-by-default –email admin@itnmg.net -w /usr/share/nginx/html -d blog.itnmg.net -d itnmg.net -d http://www.itnmg.net 这条命令时,一直报错
    Failed authorization procedure. ceshi.cssnj.com.cn (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: NXDOMAIN looking up A for ceshi.cssnj.com.cn

    IMPORTANT NOTES:
    – The following errors were reported by the server:

    Domain: ceshi.cssnj.com.cn
    Type: connection
    Detail: DNS problem: NXDOMAIN looking up A for ceshi.cssnj.com.cn

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.

    后面的域名,DNS问题出在哪啦?请指导一下,谢谢

  2. 博主您好,我按照你的文章中的方法配置之后,提示不是私密连接是为啥呢,麻烦帮忙看一下!https://www.iwwenbo.com

    • www.iwwenbo.com 使用了无效的安全证书。 该证书仅对 iwwenbo.com 有效。 错误代码: SSL_ERROR_BAD_CERT_DOMAIN
      你申请的证书只对根域名有效. 加了 www 就不行了.

  3. 这个是上面部分,到了Installing Python packages…会卡住几分钟,然后出问题

    Bootstrapping dependencies for RedHat-based OSes…
    yum is /usr/bin/yum
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    * base: centos.mirror.iweb.ca
    * epel: mirrors.kernel.org
    * extras: centos.mirror.iweb.ca
    * updates: centos.mirror.iweb.ca
    Package python-2.7.5-34.el7.x86_64 already installed and latest version
    Package python-devel-2.7.5-34.el7.x86_64 already installed and latest version
    Package python-virtualenv-1.10.1-2.el7.noarch already installed and latest version
    Package python-tools-2.7.5-34.el7.x86_64 already installed and latest version
    Package python-pip-7.1.0-1.el7.noarch already installed and latest version
    Nothing to do
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    * base: centos.mirror.iweb.ca
    * epel: mirror.sfo12.us.leaseweb.net
    * extras: centos.mirror.iweb.ca
    * updates: centos.mirror.iweb.ca
    Package gcc-4.8.5-4.el7.x86_64 already installed and latest version
    Package dialog-1.2-4.20130523.el7.x86_64 already installed and latest version
    Package augeas-libs-1.4.0-2.el7.x86_64 already installed and latest version
    Package 1:openssl-1.0.1e-51.el7_2.4.x86_64 already installed and latest version
    Package 1:openssl-devel-1.0.1e-51.el7_2.4.x86_64 already installed and latest version
    Package libffi-devel-3.0.13-16.el7.x86_64 already installed and latest version
    Package redhat-rpm-config-9.1.0-68.el7.centos.noarch already installed and latest version
    Package ca-certificates-2015.2.6-70.1.el7_2.noarch already installed and latest version
    Nothing to do
    Checking for new version…
    Creating virtual environment…
    Installing Python packages…

  4. 你好,我在运行./letsencrypt-auto –help的时候出了问题,最下面我更新了pip,还是会有版本提示,这是什么原因呢,我是在root目录下拉的letsencrypt
    Installing Python packages…
    Had a problem while installing Python packages:
    Collecting argparse==1.4.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 5))
    Downloading argparse-1.4.0-py2.py3-none-any.whl
    Collecting pycparser==2.14 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 11))
    Downloading pycparser-2.14.tar.gz (223kB)
    Collecting cffi==1.4.2 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 14))
    Downloading cffi-1.4.2.tar.gz (365kB)
    Collecting ConfigArgParse==0.10.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 31))
    Downloading ConfigArgParse-0.10.0.tar.gz
    Collecting configobj==5.0.6 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 33))
    Downloading configobj-5.0.6.tar.gz
    Collecting cryptography==1.2.3 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 35))
    Downloading cryptography-1.2.3.tar.gz (373kB)
    Collecting enum34==1.1.2 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 57))
    Downloading enum34-1.1.2.tar.gz (46kB)
    Collecting funcsigs==0.4 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 60))
    Downloading funcsigs-0.4-py2.py3-none-any.whl
    Collecting idna==2.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 63))
    Downloading idna-2.0-py2.py3-none-any.whl (61kB)
    Collecting ipaddress==1.0.16 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 66))
    Downloading ipaddress-1.0.16-py27-none-any.whl
    Collecting linecache2==1.0.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 69))
    Downloading linecache2-1.0.0-py2.py3-none-any.whl
    Collecting ndg-httpsclient==0.4.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 72))
    Downloading ndg_httpsclient-0.4.0.tar.gz
    Collecting ordereddict==1.1 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 74))
    Downloading ordereddict-1.1.tar.gz
    Collecting parsedatetime==2.1 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 76))
    Downloading parsedatetime-2.1-py2-none-any.whl
    Collecting pbr==1.8.1 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 79))
    Downloading pbr-1.8.1-py2.py3-none-any.whl (89kB)
    Collecting psutil==3.3.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 82))
    Downloading psutil-3.3.0.tar.gz (261kB)
    Collecting pyasn1==0.1.9 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 104))
    Downloading pyasn1-0.1.9-py2.py3-none-any.whl
    Collecting pyOpenSSL==0.15.1 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 116))
    Downloading pyOpenSSL-0.15.1-py2.py3-none-any.whl (102kB)
    Collecting pyRFC3339==1.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 119))
    Downloading pyRFC3339-1.0-py2.py3-none-any.whl
    Collecting python-augeas==0.5.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 122))
    Downloading python-augeas-0.5.0.tar.gz (90kB)
    Collecting python2-pythondialog==3.3.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 124))
    Downloading python2-pythondialog-3.3.0.tar.bz2 (1.8MB)
    Collecting pytz==2015.7 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 127))
    Downloading pytz-2015.7-py2.py3-none-any.whl (476kB)
    Collecting requests==2.9.1 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 141))
    Downloading requests-2.9.1-py2.py3-none-any.whl (501kB)
    Collecting six==1.10.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 144))
    Downloading six-1.10.0-py2.py3-none-any.whl
    Collecting traceback2==1.4.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 147))
    Downloading traceback2-1.4.0-py2.py3-none-any.whl
    Collecting unittest2==1.1.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 150))
    Downloading unittest2-1.1.0-py2.py3-none-any.whl (96kB)
    Collecting zope.component==4.2.2 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 153))
    Downloading zope.component-4.2.2.tar.gz (546kB)
    Collecting zope.event==4.1.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 155))
    Downloading zope.event-4.1.0.tar.gz (476kB)
    Collecting zope.interface==4.1.3 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 157))
    Downloading zope.interface-4.1.3.tar.gz (141kB)
    Collecting mock==1.0.1 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 175))
    Downloading mock-1.0.1.zip (861kB)
    Collecting acme==0.5.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 181))
    Downloading acme-0.5.0-py2.py3-none-any.whl (91kB)
    Collecting letsencrypt==0.5.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 184))
    Downloading letsencrypt-0.5.0-py2-none-any.whl (208kB)
    Collecting letsencrypt-apache==0.5.0 (from -r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 187))
    Downloading letsencrypt_apache-0.5.0-py2-none-any.whl (100kB)
    Requirement already satisfied (use –upgrade to upgrade): setuptools>=1.0 in /root/.local/share/letsencrypt/lib/python2.7/site-packages (from cryptography==1.2.3->-r /tmp/tmp.q0RJfFNDgB/letsencrypt-auto-requirements.txt (line 35))
    Installing collected packages: argparse, pycparser, cffi, ConfigArgParse, six, configobj, idna, pyasn1, enum34, ipaddress, cryptography, funcsigs, linecache2, pyOpenSSL, ndg-httpsclient, ordereddict, parsedatetime, pbr, psutil, pytz, pyRFC3339, python-augeas, python2-pythondialog, requests, traceback2, unittest2, zope.interface, zope.event, zope.component, mock, acme, letsencrypt, letsencrypt-apache
    Running setup.py install for pycparser: started
    Running setup.py install for pycparser: finished with status ‘done’
    Running setup.py install for cffi: started
    Running setup.py install for cffi: finished with status ‘done’
    Running setup.py install for ConfigArgParse: started
    Running setup.py install for ConfigArgParse: finished with status ‘done’
    Running setup.py install for configobj: started
    Running setup.py install for configobj: finished with status ‘done’
    Running setup.py install for enum34: started
    Running setup.py install for enum34: finished with status ‘done’
    Running setup.py install for cryptography: started
    Running setup.py install for cryptography: still running…
    Running setup.py install for cryptography: finished with status ‘error’
    Complete output from command /root/.local/share/letsencrypt/bin/python2.7 -u -c “import setuptools, tokenize;__file__=’/tmp/pip-build-uYHFZD/cryptography/setup.py’;exec(compile(getattr(tokenize, ‘open’, open)(__file__).read().replace(‘rn’, ‘n’), __file__, ‘exec’))” install –record /tmp/pip-mldWY_-record/install-record.txt –single-version-externally-managed –compile –install-headers /root/.local/share/letsencrypt/include/site/python2.7/cryptography:
    running install
    running build
    running build_py
    creating build
    creating build/lib.linux-x86_64-2.7
    creating build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/__init__.py -> build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/__about__.py -> build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/fernet.py -> build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/exceptions.py -> build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/utils.py -> build/lib.linux-x86_64-2.7/cryptography
    creating build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/name.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/general_name.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/base.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/extensions.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/oid.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat
    copying src/cryptography/hazmat/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/backends
    copying src/cryptography/hazmat/backends/multibackend.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends
    copying src/cryptography/hazmat/backends/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends
    copying src/cryptography/hazmat/backends/interfaces.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/keywrap.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/cmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/hashes.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/constant_time.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/hmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/serialization.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/padding.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings
    copying src/cryptography/hazmat/bindings/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/ciphers.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/cmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/hashes.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/x509.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/dsa.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/hmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/ec.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/backend.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/rsa.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/utils.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/ciphers.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/hashes.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/hmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/backend.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    copying src/cryptography/hazmat/primitives/twofactor/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    copying src/cryptography/hazmat/primitives/twofactor/totp.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    copying src/cryptography/hazmat/primitives/twofactor/utils.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    copying src/cryptography/hazmat/primitives/twofactor/hotp.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/dsa.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/dh.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/ec.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/padding.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/rsa.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/utils.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/x963kdf.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/concatkdf.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/hkdf.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/pbkdf2.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    copying src/cryptography/hazmat/primitives/ciphers/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    copying src/cryptography/hazmat/primitives/ciphers/algorithms.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    copying src/cryptography/hazmat/primitives/ciphers/modes.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    copying src/cryptography/hazmat/primitives/ciphers/base.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/interfaces
    copying src/cryptography/hazmat/primitives/interfaces/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/interfaces
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/openssl
    copying src/cryptography/hazmat/bindings/openssl/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/openssl
    copying src/cryptography/hazmat/bindings/openssl/_conditional.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/openssl
    copying src/cryptography/hazmat/bindings/openssl/binding.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/openssl
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/commoncrypto
    copying src/cryptography/hazmat/bindings/commoncrypto/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/commoncrypto
    copying src/cryptography/hazmat/bindings/commoncrypto/binding.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/commoncrypto
    running egg_info
    writing requirements to src/cryptography.egg-info/requires.txt
    writing src/cryptography.egg-info/PKG-INFO
    writing top-level names to src/cryptography.egg-info/top_level.txt
    writing dependency_links to src/cryptography.egg-info/dependency_links.txt
    writing entry points to src/cryptography.egg-info/entry_points.txt
    warning: manifest_maker: standard file ‘-c’ not found

    reading manifest file ‘src/cryptography.egg-info/SOURCES.txt’
    reading manifest template ‘MANIFEST.in’
    no previously-included directories found matching ‘docs/_build’
    warning: no previously-included files matching ‘*’ found under directory ‘vectors’
    writing manifest file ‘src/cryptography.egg-info/SOURCES.txt’
    running build_ext
    generating cffi module ‘build/temp.linux-x86_64-2.7/_padding.c’
    creating build/temp.linux-x86_64-2.7
    generating cffi module ‘build/temp.linux-x86_64-2.7/_constant_time.c’
    generating cffi module ‘build/temp.linux-x86_64-2.7/_openssl.c’
    building ‘_openssl’ extension
    creating build/temp.linux-x86_64-2.7/build
    creating build/temp.linux-x86_64-2.7/build/temp.linux-x86_64-2.7
    gcc -pthread -fno-strict-aliasing -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong –param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv -DNDEBUG -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong –param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv -fPIC -I/usr/include/python2.7 -c build/temp.linux-x86_64-2.7/_openssl.c -o build/temp.linux-x86_64-2.7/build/temp.linux-x86_64-2.7/_openssl.o
    {standard input}: Assembler messages:
    {standard input}:107153: Warning: partial line at end of file ignored
    {standard input}: Error: open CFI at the end of file; missing .cfi_endproc directive
    gcc: internal compiler error: Killed (program cc1)
    Please submit a full bug report,
    with preprocessed source if appropriate.
    See for instructions.
    error: command ‘gcc’ failed with exit status 4

    —————————————-
    Command “/root/.local/share/letsencrypt/bin/python2.7 -u -c “import setuptools, tokenize;__file__=’/tmp/pip-build-uYHFZD/cryptography/setup.py’;exec(compile(getattr(tokenize, ‘open’, open)(__file__).read().replace(‘rn’, ‘n’), __file__, ‘exec’))” install –record /tmp/pip-mldWY_-record/install-record.txt –single-version-externally-managed –compile –install-headers /root/.local/share/letsencrypt/include/site/python2.7/cryptography” failed with error code 1 in /tmp/pip-build-uYHFZD/cryptography
    You are using pip version 8.0.3, however version 8.1.1 is available.
    You should consider upgrading via the ‘pip install –upgrade pip’ command.

发表评论

电子邮件地址不会被公开。 必填项已用*标注