HTTPS\u7684\u57fa\u672c\u539f\u7406<\/strong><\/span><\/div>\n
\u516c\u94a5\u79c1\u94a5 ssh-keygen -t rsa -C \u201cnew email\u201d\u8bc1\u4e66\uff0c\u516c\u94a5\u52a0\u4e0aCA\u7684\u8ba4\u8bc1<\/p>\n
CA\u662f\u9881\u53d1\u53d7\u4fe1\u4efb\u7684\u8bc1\u4e66\u7684\u673a\u6784<\/strong><\/span><\/div>\n
TLS1.2\u662f\u76ee\u524d\u6700\u9ad8\u7248\u672c\uff0c\u8fd8\u6ca1\u6709\u53d1\u73b0bug\u3002\u4e0d\u8981\u9009\u62e9SSL\uff0cTLS\u662fSSL\u7684\u540e\u7eed\u7248\u672c\uff0c\u6bd4SSL\u66f4\u52a0\u5b89\u5168\u3002OpenSSL\u662f\u652f\u6301TLS\u7684\u3002<\/p>\n
\u5173\u4e8e\u4e00\u7cfb\u5217\u7684RSA\u52a0\u5bc6\u89e3\u5bc6\uff0c\u5305\u62ec\u5bf9\u79f0\u52a0\u89e3\u5bc6\uff0cSHA\u6458\u8981\u7b7e\u540d\u7b49\uff0c\u6ce8\u610f\u7406\u89e3\u5176\u539f\u7406\u5373\u53ef\u3002\u5176\u4e2dSHA1\u5df2\u88ab\u5c71\u4e1c\u5927\u5b66\u7684\u738b\u5c0f\u4e91\u6559\u6388\u7834\u89e3\uff0c\u6539\u7528SHA2.<\/p>\n
302\u6d4f\u89c8\u5668\u7aef\u8df3\u8f6c\u9700\u8981\u91cd\u65b0\u8fdb\u884ctcp\u63e1\u624b<\/strong><\/span><\/div>\n
\u670d\u52a1\u5668\u7aef\u53d1\u9001\u7684\u8bc1\u4e66\uff0c\u6d4f\u89c8\u5668\u9700\u8981\u5230\u5176CA\u8fdb\u884c\u9a8c\u8bc1\u662f\u5426\u53ef\u4fe1<\/p>\n
\u8bc1\u4e66\u79c1\u94a5\u4e3b\u8981\u7528\u6765\u534f\u5546\u5bf9\u79f0\u52a0\u5bc6\u79d8\u94a5<\/p>\n
\u7533\u8bf7\u8bc1\u4e66<\/strong><\/span><\/div>\n
StartSSL\u662f\u4e00\u4e2a\u514d\u8d39\u7684\u5168\u7403\u8303\u56f4\u8ba4\u8bc1\u7684\u8bc1\u4e66\u63d0\u4f9b\u5546\u3002\u5177\u4f53\u7684\u6ce8\u518c\u4ee5\u53ca\u4f7f\u7528\u53c2\u8003\u5176\u5b98\u7f51,\u8fd9\u7bc7\u535a\u6587\u8bb2\u89e3\u5f97\u8fd8\u662f\u6bd4\u8f83\u7ec6\u81f4\u7684\u3002<\/p>\n
nginx\u914d\u7f6e\u652f\u6301<\/strong><\/span><\/div>\n
\r\n#redirect to https\r\nserver {\r\n listen 80;\r\n server_name blog.huachao.me;\r\n return 301 https:\/\/$server_name$request_uri;\r\n}\r\n<\/pre>\n
proxy & ssl<\/strong><\/span><\/div>\n
\r\nserver {\r\n listen 443 ssl;\r\n server_name blog.huachao.me;\r\n ssl on;\r\n ssl_certificate \/path\/to\/cert_file;\r\n ssl_certificate_key \/path\/to\/private_key;\r\n location \/ {\r\n proxy_pass http:\/\/localhost:port;\r\n }\r\n}\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
\u516c\u94a5\u79c1\u94a5 ssh-keygen -t rsa -C \u201cnew email\u201d\u8bc1\u4e66\uff0c\u516c\u94a5\u52a0\u4e0aCA\u7684\u8ba4\u8bc1 TLS1. […]<\/p>\n","protected":false},"author":668,"featured_media":51994,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[55],"tags":[],"class_list":["post-139196","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-thread"],"acf":[],"_links":{"self":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/139196","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/users\/668"}],"replies":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/comments?post=139196"}],"version-history":[{"count":4,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/139196\/revisions"}],"predecessor-version":[{"id":139268,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/139196\/revisions\/139268"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media\/51994"}],"wp:attachment":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media?parent=139196"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/categories?post=139196"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/tags?post=139196"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}