当前位置: 首页 > article >正文

http传输协议的加密

article 2025/8/28 20:05:27

创建目录存放签证

[root@server100 ~]# mkdir /etc/nginx/certs
[root@server100 ~]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt
..........+......+......+......+...+....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+.+..+...+....+..+...+......+.+...+........+...+.......+...+..+....+.........+...............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.......+.....+.........+.......+...+..............+.......+.........+.....+....+..+.+...+..+.........+......+...+.+......+..............................+........+.+...+.....+..........+..+.+........+..........+......+........+.............+.....+...+......+....+......+.....+.+..+...+......................+...+...+...............+..+.......+..+....+.....+.+......+...+..+...+....+..+.+..+.+....................+......+......+.........+......+.......+......+..+.............+......+........+...+....+....................+....+............+........+.+....................+...+.......+...+.....+.+.....+.......+..+.......+.....+...+......+.........+..........+.....+.......+...........+...............+.........+....+....................+....+......+.....+......+....+......+...+..+...+...+..........+..............+.+..+...............+.+.....+....+...+..+......+.+...+...+..+.......+........+......+.+......+.....+...+.+.....+.+..............+...+.+..+.........+...+.............+.....+.........+..........+.........+.....+......+...+..........+..+.+........................+........+.+............+..+...+....+......+...+...............+..+...+......+.............+..+.+..................+......+...+...........+.+...+........+...................+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
........+..+.........+....+.....+.+.................+....+......+..+......+.+.........+.....+.+........+.+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+...+..+.+........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+..+...+....+...+..+...+...............+..................+...+.+......+.................+............+.........+...................+......+.....+......+.........+....+...+.....+...+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shanxi
Locality Name (eg, city) [Default City]:Xi'an
Organization Name (eg, company) [Default Company Ltd]:timinglee
Organizational Unit Name (eg, section) []:webserver
Common Name (eg, your name or your server's hostname) []:www.timinglee.org
Email Address []:admin@timinlee.org

进行查看

[root@server100 ~]# ls /etc/nginx/certs/
timinglee.org.crt  timinglee.org.key
[root@server100 ~]# vim /etc/nginx/conf.d/vhosts.conf
server {listen 443 ssl;server_name login.timinglee.org;ssl_certificate "/etc/nginx/certs/timinglee.org.crt";ssl_certificate_key "/etc/nginx/certs/timinglee.org.key";root /usr/share/nginx/virtual/login;index index.html;
}
[root@server100 ~]# mkdir -p /usr/share/nginx/virtual/login
[root@server100 ~]# echo login.timinglee.org > /usr/share/nginx/virtual/login/index.html
[root@server100 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@server100 ~]# systemctl restart nginx.service

最后在windows里面测试,效果明显

首先在windows里面也要做解析

C:\Windows\System32\drivers\etc这个目录下的hosts里面,添加172.25.254.100 login.timinglee.org

然后在浏览器里面进行访问

选择高级,继续查看

强制走加密

[root@server100 ~]# vim /etc/nginx/conf.d/vhosts.conf
在443上面添加
server {
        listen 80;
        server_name login.timinglee.org;
        rewrite ^/(.*)$   https://login.timinglee.org/$1 permanent;
}

同样也需要做本地解析
[root@server100 ~]# curl -I login.timinglee.org/hehe
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Thu, 29 May 2025 09:31:06 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://login.timinglee.org/hehe
 

http://www.lryc.cn/news/2393418.html

相关文章:

  • 半导体晶圆制造洁净厂房的微振控制方案-江苏泊苏系统集成有限公司
  • 嵌入式(1):STM32 GPIO与AFIO深度解析:从原理到高阶应用实战
  • Netty 实战篇:Netty RPC 框架整合 Spring Boot,迈向工程化
  • QML视图组件ListView、TableView、GridView介绍
  • 常见压缩算法性能和压缩率对比 LZ4 LZO ZSTD SNAPPY
  • Spring Boot 应用中实现配置文件敏感信息加密解密方案
  • 【TTS】基于GRPO的流匹配文本到语音改进:F5R-TTS
  • 动态规划-152.乘积最大子数组-力扣(LeetCode)
  • 1-1 初探Dart编程语言
  • 搭建最新版开源监控平台SigNoz踩的坑
  • Ubuntu 服务器配置与 Cloudflare Tunnel 部署指南 免费内网穿透家用服务器
  • 无人机多人协同控制技术解析
  • 【东枫科技】KrakenSDR 测向快速入门指南
  • 使用LangChain与多模态模型实现图像中的文字和表格提取(PDF可转图片)
  • 【Redis】hash
  • 基于Vite的前端自动化部署方案
  • antDesignVue中a-upload上传组件的使用
  • 龙舟竞渡与芯片制造的共通逻辑:华芯邦的文化破局之道
  • 机房网络设备操作安全管理制度
  • CentOS中安装Docker Compose
  • Linux Kernel动态调试:运行时调试的利器
  • Milvus分区-分片-段结构详解与最佳实践
  • 5月课程精彩回顾 | 2025高通边缘智能创新应用大赛系列公开课
  • 设计模式25——中介者模式
  • 阿里云配置安全组策略开放端口
  • uniapp 搭配uviwe u-picker 实现地区联栋
  • win10电脑时间同步失败的解决方法
  • 每日c/c++题 备战蓝桥杯(Cantor 表)
  • 代码随想录打卡|Day53 图论(Floyd 算法精讲 、A * 算法精讲 (A star算法)、最短路算法总结篇、图论总结 )
  • yum安装nginx后无法通过服务方式启动