Installing certbot on the server

CentOS

# Add the EPEL repository to CentOS 7
$ yum install epel-release

# Install snapd
$ yum install snapd

# Enable snapd.socket
$ systemctl enable --now snapd.socket

# Create a symlink to enable classic snap support
$ ln -s /var/lib/snapd/snap /snap

# Make sure snapd is up to date
$ snap install core
$ snap refresh core

# Remove any certbot installed through yum, to make sure the certbot in use is the one installed through snap
$ yum remove certbot
$ snap install --classic certbot
$ ln -s /snap/bin/certbot /usr/bin/certbot

Debian

$ apt update
$ apt install snapd
$ snap install core
$ snap refresh core
$ snap install --classic certbot
$ ln -s /snap/bin/certbot /usr/bin/certbot

Requesting a certificate with DNS TXT validation

Run the command certbot --manual --preferred-challenges dns certonly to start the validation and request the certificate

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): #Enter the domain name here. For a wildcard domain enter *.example.com; this walkthrough uses *.example.com as the example
Requesting a certificate for *.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name:

_acme-challenge.example.com.

with the following value:

ldjemqlmhqoBLiU7DFc5eA-w58NC7Ub9pRvErizKQpw

Before continuing, verify the TXT record has been deployed. Depending on the DNS
provider, this may take some time, from a few seconds to multiple minutes. You can
check if it has finished deploying with aid of online tools, such as the Google
Admin Toolbox: https://toolbox.googleapps.com/apps/dig/#TXT/_acme-challenge.example.com.
Look for one or more bolded line(s) below the line ';ANSWER'. It should show the
value(s) you've just added.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue


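#Following the prompt above, add a TXT record named _acme-challenge.example.com in your DNS settings, with the value shown above: ldjemqlmhqoBLiU7DFc5eA-w58NC7Ub9pRvErizKQpw. Note that the TXT record value changes on every run.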

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/example.com-0001/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/example.com-0001/privkey.pem
This certificate expires on 2024-08-11.
These files will be updated when the certificate renews.

NEXT STEPS:
- This certificate will not be renewed automatically. Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. To renew this certificate, repeat this same certbot command before the certificate's expiry date.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

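Once the prompts above are complete, the certificate is saved automatically under /etc/letsencrypt/live/example.com-0001/ and can be deployed to whichever service needs it.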
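
The certbot prompt above asks you to verify that the TXT record has been deployed before pressing Enter. As an added example (not part of the original post), this shell function checks the value against every authoritative nameserver of the domain; the function names and the DIG override variable are assumptions of this example, and the domain is assumed to be the zone apex.

```shell
#!/bin/sh
# Added example (not from the original page): confirm the DNS-01 TXT value is
# served by every authoritative nameserver before pressing Enter in certbot.
# Assumption: DOMAIN is the zone apex, so "dig NS DOMAIN" lists its nameservers.
# Usage: challenge_deployed '*.example.com' '<value printed by certbot>'

# DIG can be overridden (hypothetical knob of this example), e.g. DIG="dig +tcp".
DIG=${DIG:-dig}

# Print the TXT strings for NAME as answered by SERVER, one per line, unquoted.
txt_values() {
    $DIG +short TXT "$1" "@$2" | sed 's/^"//; s/"$//'
}

# Return 0 if all nameservers serve EXPECTED, 1 if any lacks it, 2 if no NS found.
challenge_deployed() {
    domain=${1#\*.}   # *.example.com is validated under _acme-challenge.example.com
    expected=$2
    name="_acme-challenge.$domain"
    servers=$($DIG +short NS "$domain")
    if [ -z "$servers" ]; then
        echo "no NS records found for $domain" >&2
        return 2
    fi
    missing=0
    for ns in $servers; do
        # -F: literal match, -x: whole line, --: the value may begin with '-'
        if txt_values "$name" "$ns" | grep -Fxq -- "$expected"; then
            echo "deployed $ns"
        else
            echo "missing  $ns"
            missing=1
        fi
    done
    return "$missing"
}
```

A wildcard plus base-domain certificate places two TXT values under the same name; the whole-line match accepts the expected value alongside any others.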