# 设置证书

## 创建 Route 53 URL

从你的域名创建 Route 53 URL，例如 caesar.internal.romeprotocol.xyz，以指向 EC2 服务器 IP。

## 开放端口

请确保远程服务器上的 HTTP（80）和 HTTPS（443）端口已开放。

使用你的云服务提供商的防火墙或安全组来开放这些端口。

## 获取证书

下面的 Certbot CLI 可帮助你获取 Let’s Encrypt 证书。

**注意：申请证书时，请使用你自己的电子邮件地址和域名。**

<pre class="language-bash"><code class="lang-bash">sudo apt install -y nginx
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
<strong>sudo certbot certonly --nginx -n -m rome@romeprotocol.com --agree-tos --domains caesar.internal.romeprotocol.xyz # 替换为你的邮箱和域名
</strong>sudo nginx -s stop
</code></pre>

## 验证证书生成

现在，请确保 fullchain.pem 和 privkey.pem 文件位于下面的目录中。

```bash
sudo ls /etc/letsencrypt/live/caesar.internal.romeprotocol.xyz
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.rome.builders/zh/legacy/rome-l2-setup/setup-your-l2/prep-remote-server/setup-certificate.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.