手工升级过期ssl 证书，权限配置

www.ssllabs.com 测试证书是否正常。

https://www.ssllabs.com/ssltest/analyze.html?d=10086cn&hideResults=on

certbot升级过期证书, 手工升级

https://blog.csdn.net/weixin_34037173/article/details/92183362

https://blog.51cto.com/wzlinux/2385116?source=dra

Debian 10 系统免域名 tro-tool 使用教程

将 tro-tool 用户设置为较低权限的用户

www.rultr.com/tutorials/vps/3801.html

wiki.archlinux.org/index.php/tro-tool

tro-tool-tutor.github.io/2019/04/10/p41.html

rm -rf nginx.conf sites-available/ sites-enabled/ nginxconfig.io/

sudo tar xvf nginx_2019-10-05_07-14-36-yuanlai.tar.gz

ps -ef|grep nginx

sudo kill -quit 12606

sudo certbot certonly --cert-name 10086cn

sudo certbot certonly --cert-name support.10086cn

sudo /etc/init.d/nginx start

curl -L 10086cn

sudo cat /etc/tro-tool/privkey.pem

sudo systemctl status tro-tool.service

ps -ef | grep tro-tool

sudo systemctl enable tro-tool.service

sudo systemctl disable tro-tool.service

sudo systemctl enable tro-tool.service

sudo systemctl start tro-tool

sudo systemctl status tro-tool

sudo kill -quit 1265

sudo /usr/bin/tro-tool -c /etc/tro-tool/config.json -k /etc/tro-tool/keylog -l /etc/tro-tool/access

cat /lib/systemd/system/tro-tool.service

cat /lib/systemd/system/nginx.service

cd /lib/systemd/system/

sudo chown -R nobody:nobody /etc/tro-tool

sudo chown -R nobody /etc/tro-tool

sudo service tro-tool status

sudo systemctl start tro-tool

sudo systemctl status tro-tool

手工升级 过期ssl 证书， 权限配置