本地自签https证书,实现https加域名访问服务

最新推荐文章于 2024-01-24 11:00:00 发布
最新推荐文章于 2024-01-24 11:00:00 发布
阅读量8.4k 收藏 1
点赞数 1
分类专栏: 项目功能经验 文章标签: 自签证书 https 域名 内网 openssl
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/AinUser/article/details/111369525
版权 
# 前言
实现本地自签https证书,其实有很多方式
如下所示:itisscg openssl keytools mkcert


# 情境
如果没有做过的,大家可以先参考如下链接
https://www.cnblogs.com/zhoudawei/p/9257276.html
https://blog.csdn.net/byg184244735/article/details/85071877
https://blog.csdn.net/qq_42403866/article/details/107147113
https://www.jianshu.com/p/7a72851676f1

linux 平台下生成根证书步骤

1. 
[root@localhost tls2]# openssl req -sha256 -new -x509 -days 3650 -keyout CA.key -out CA.crt -config openssl.cnf
WARNING: can't open config file: /etc/pki/tls/openssl.cnf
Generating a 2048 bit RSA private key
.....................................................................+++
........+++
writing new private key to 'CA.key'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:bj
Locality Name (eg, city) [Default City]:bj
Organization Name (eg, company) [Default Company Ltd]:hongyi
Organizational Unit Name (eg, section) []:hongyi
Common Name (eg, your name or your server's hostname) []:aliyun
Email Address []:


2. 
[root@localhost tls2]# openssl genrsa -out macrowing.com.key 2048
WARNING: can't open config file: /etc/pki/tls/openssl.cnf
Generating RSA private key, 2048 bit long modulus
..................+++
.....................................+++
e is 65537 (0x10001)


3. 
[root@localhost tls2]# openssl req -new -sha256 -key macrowing.com.key -out macrowing.com.csr -config openssl.cnf
WARNING: can't open config file: /etc/pki/tls/openssl.cnf
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:bj
Locality Name (eg, city) [Default City]:bj
Organization Name (eg, company) [Default Company Ltd]:hongyi
Organizational Unit Name (eg, section) []:hongyi
Common Name (eg, your name or your server's hostname) []:macrowing.com
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:wso2carbon
An optional company name []:hongyi

4. 
[root@localhost tls2]# openssl req -in macrowing.com.csr -text
WARNING: can't open config file: /etc/pki/tls/openssl.cnf
Unable to load config info from /etc/pki/tls/openssl.cnf
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=CN, ST=bj, L=bj, O=hongyi, OU=hongyi, CN=macrowing.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c8:c4:0a:5e:2f:c3:1e:b2:13:88:e1:2f:b1:7b:
                    49:66:f6:da:0d:85:ff:94:a7:a3:6f:8c:e6:30:31:
                    da:37:6f:a1:3f:07:a9:80:5d:22:23:5f:4a:40:68:
                    64:e5:f3:7a:7f:2e:a1:7b:e8:84:16:b9:61:8e:ba:
                    19:a7:67:74:73:01:31:51:0d:a2:b0:03:5b:c6:1c:
                    b9:e9:12:86:6a:db:21:c4:5a:2a:07:b2:dd:b4:eb:
                    ff:6e:ee:b4:a6:bf:24:fb:87:1e:2e:a1:8a:60:99:
                    8a:94:53:96:14:11:91:24:77:e9:64:58:4c:49:b0:
                    b8:48:29:bb:a0:ff:d2:05:31:3b:c2:e4:f8:d4:d8:
                    3e:d0:cb:6a:25:ec:85:22:ef:d4:de:ed:3b:0d:3e:
                    25:7c:6a:31:eb:4e:81:df:fc:5d:17:23:14:b3:3d:
                    72:81:c5:cf:b4:c9:b8:8f:00:d6:4b:ea:d4:99:a6:
                    ee:1a:ff:00:df:11:36:52:a0:cb:39:46:a5:b9:7a:
                    fb:bb:85:95:c0:b4:03:ea:c4:b3:6a:c1:b6:39:46:
                    fd:5c:35:fc:07:d2:98:a0:1b:aa:bf:60:ed:72:a3:
                    87:ae:65:e4:ad:ed:ac:af:b9:4e:a9:e3:17:c4:e2:
                    15:4c:13:97:36:0f:74:cd:89:35:91:f4:aa:d4:a5:
                    bb:3f
                Exponent: 65537 (0x10001)
        Attributes:
            unstructuredName         :hongyi
            challengePassword        :wso2carbon
        Requested Extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: 
                Digital Signature, Non Repudiation, Key Encipherment
            X509v3 Subject Alternative Name: 
                DNS:macrowing.com, DNS:*.macrowing.com, IP Address:192.168.2.199, IP Address:192.169.2.1
    Signature Algorithm: sha256WithRSAEncryption
         2d:4e:3c:a7:43:68:e5:c4:58:d7:4c:f7:1e:e6:ce:31:1e:d2:
         11:ce:19:15:56:50:27:8e:3a:df:b6:53:89:bd:7a:f8:9c:c9:
         0f:88:10:2b:71:87:74:67:ad:3d:41:bb:e6:b8:26:db:8a:22:
         a5:76:a0:ea:3c:1e:4f:4c:01:3c:0c:54:6c:c2:11:52:5a:66:
         c9:f1:d6:68:5a:3e:72:a0:f2:83:5d:37:9c:9d:ed:e0:b1:48:
         87:6e:6e:6b:47:bd:15:a1:7d:ae:26:30:6c:54:0d:be:35:e6:
         3e:ff:1d:2e:93:bf:d9:3b:ae:55:10:05:53:8d:45:8f:1d:88:
         5a:e5:e1:43:bb:72:d7:72:c8:9f:9e:ef:58:6a:b1:da:06:f7:
         d7:f0:9b:24:c9:61:ea:e9:dd:ce:cc:70:2e:35:5d:82:99:e4:
         54:4b:5b:93:6a:53:68:65:5a:9c:fe:3a:6f:a1:51:2c:ef:dd:
         09:79:8b:e4:0d:e4:fc:c8:36:1b:f6:d7:73:2e:04:ca:e2:9e:
         95:19:c0:85:84:69:2a:8a:40:3e:ba:0a:57:68:c9:f7:49:5f:
         19:14:a2:d9:29:72:80:74:0c:29:3e:77:d1:f7:42:68:15:d5:
         07:5d:4f:4d:13:d6:f2:25:89:80:69:68:4c:ee:80:df:b3:9d:
         c1:b8:4e:cb
-----BEGIN CERTIFICATE REQUEST-----
MIIDOTCCAiECAQAwYTELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAmJqMQswCQYDVQQH
DAJiajEPMA0GA1UECgwGaG9uZ3lpMQ8wDQYDVQQLDAZob25neWkxFjAUBgNVBAMM
DW1hY3Jvd2luZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI
xApeL8MeshOI4S+xe0lm9toNhf+Up6NvjOYwMdo3b6E/B6mAXSIjX0pAaGTl83p/
LqF76IQWuWGOuhmnZ3RzATFRDaKwA1vGHLnpEoZq2yHEWioHst206/9u7rSmvyT7
hx4uoYpgmYqUU5YUEZEkd+lkWExJsLhIKbug/9IFMTvC5PjU2D7Qy2ol7IUi79Te
7TsNPiV8ajHrToHf/F0XIxSzPXKBxc+0ybiPANZL6tSZpu4a/wDfETZSoMs5RqW5
evu7hZXAtAPqxLNqwbY5Rv1cNfwH0pigG6q/YO1yo4euZeSt7ayvuU6p4xfE4hVM
E5c2D3TNiTWR9KrUpbs/AgMBAAGggZIwFQYJKoZIhvcNAQkCMQgMBmhvbmd5aTAZ
BgkqhkiG9w0BCQcxDAwKd3NvMmNhcmJvbjBeBgkqhkiG9w0BCQ4xUTBPMAkGA1Ud
EwQCMAAwCwYDVR0PBAQDAgXgMDUGA1UdEQQuMCyCDW1hY3Jvd2luZy5jb22CDyou
bWFjcm93aW5nLmNvbYcEwKgCx4cEwKkCATANBgkqhkiG9w0BAQsFAAOCAQEALU48
p0No5cRY10z3HubOMR7SEc4ZFVZQJ44637ZTib16+JzJD4gQK3GHdGetPUG75rgm
24oipXag6jweT0wBPAxUbMIRUlpmyfHWaFo+cqDyg103nJ3t4LFIh25ua0e9FaF9
riYwbFQNvjXmPv8dLpO/2TuuVRAFU41Fjx2IWuXhQ7ty13LIn57vWGqx2gb31/Cb
JMlh6undzsxwLjVdgpnkVEtbk2pTaGVanP46b6FRLO/dCXmL5A3k/Mg2G/bXcy4E
yuKelRnAhYRpKopAProKV2jJ90lfGRSi2SlygHQMKT530fdCaBXVB11PTRPW8iWJ
gGloTO6A37OdwbhOyw==
-----END CERTIFICATE REQUEST-----


5.
需先执行一下两条命令:
	sudo touch /etc/pki/CA/index.txt
	echo 01 | sudo tee /etc/pki/CA/serial
[root@localhost tls2]# openssl ca -in macrowing.com.csr -md sha256 -out macrowing.com.crt -cert CA.crt -keyfile CA.key -extensions v3_req -config openssl.cnf
WARNING: can't open config file: /etc/pki/tls/openssl.cnf
Using configuration from openssl.cnf
Enter pass phrase for CA.key:
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 5 (0x5)
        Validity
            Not Before: Dec 18 03:28:00 2020 GMT
            Not After : Dec 18 03:28:00 2021 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = bj
            organizationName          = hongyi
            organizationalUnitName    = hongyi
            commonName                = macrowing.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: 
                Digital Signature, Non Repudiation, Key Encipherment
            X509v3 Subject Alternative Name: 
                DNS:macrowing.com, DNS:*.macrowing.com, IP Address:192.168.2.199, IP Address:192.169.2.1
Certificate is to be certified until Dec 18 03:28:00 2021 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated


6. 
[root@localhost tls2]# openssl x509 -in macrowing.com.crt -text
WARNING: can't open config file: /etc/pki/tls/openssl.cnf
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CN, ST=bj, L=bj, O=hongyi, OU=hongyi, CN=aliyun
        Validity
            Not Before: Dec 18 03:28:00 2020 GMT
            Not After : Dec 18 03:28:00 2021 GMT
        Subject: C=CN, ST=bj, O=hongyi, OU=hongyi, CN=macrowing.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c8:c4:0a:5e:2f:c3:1e:b2:13:88:e1:2f:b1:7b:
                    49:66:f6:da:0d:85:ff:94:a7:a3:6f:8c:e6:30:31:
                    da:37:6f:a1:3f:07:a9:80:5d:22:23:5f:4a:40:68:
                    64:e5:f3:7a:7f:2e:a1:7b:e8:84:16:b9:61:8e:ba:
                    19:a7:67:74:73:01:31:51:0d:a2:b0:03:5b:c6:1c:
                    b9:e9:12:86:6a:db:21:c4:5a:2a:07:b2:dd:b4:eb:
                    ff:6e:ee:b4:a6:bf:24:fb:87:1e:2e:a1:8a:60:99:
                    8a:94:53:96:14:11:91:24:77:e9:64:58:4c:49:b0:
                    b8:48:29:bb:a0:ff:d2:05:31:3b:c2:e4:f8:d4:d8:
                    3e:d0:cb:6a:25:ec:85:22:ef:d4:de:ed:3b:0d:3e:
                    25:7c:6a:31:eb:4e:81:df:fc:5d:17:23:14:b3:3d:
                    72:81:c5:cf:b4:c9:b8:8f:00:d6:4b:ea:d4:99:a6:
                    ee:1a:ff:00:df:11:36:52:a0:cb:39:46:a5:b9:7a:
                    fb:bb:85:95:c0:b4:03:ea:c4:b3:6a:c1:b6:39:46:
                    fd:5c:35:fc:07:d2:98:a0:1b:aa:bf:60:ed:72:a3:
                    87:ae:65:e4:ad:ed:ac:af:b9:4e:a9:e3:17:c4:e2:
                    15:4c:13:97:36:0f:74:cd:89:35:91:f4:aa:d4:a5:
                    bb:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: 
                Digital Signature, Non Repudiation, Key Encipherment
            X509v3 Subject Alternative Name: 
                DNS:macrowing.com, DNS:*.macrowing.com, IP Address:192.168.2.199, IP Address:192.169.2.1
    Signature Algorithm: sha256WithRSAEncryption
         99:fa:24:d8:14:94:c2:d7:42:f3:b4:87:2f:54:b7:c5:2c:04:
         23:71:be:fe:c3:fa:3d:ef:39:28:4c:5d:72:38:7c:bc:ca:cb:
         d1:56:d2:00:ff:2f:68:b0:2b:eb:71:68:10:a6:68:59:26:54:
         d6:b3:85:39:82:cf:d7:a7:89:60:91:ec:12:68:d1:46:c0:17:
         b4:7f:56:bd:ed:0c:2b:9e:7a:a6:2c:62:08:9d:9c:d0:94:f0:
         37:7d:8a:30:05:d5:d4:54:c7:f2:11:cf:f0:81:14:27:61:e2:
         16:ec:04:3e:03:4b:f3:9f:90:a4:0f:12:e4:06:bc:e3:98:57:
         2b:28:1d:58:3a:9e:57:fd:cf:aa:4c:60:3d:62:ca:ef:a3:1d:
         ab:1f:ba:2f:d3:66:4d:3a:80:a6:2a:96:d8:9e:3b:0a:69:77:
         a6:f1:66:12:29:e9:b4:0c:72:4e:b9:cd:5e:3c:4b:f0:16:f8:
         05:5a:f8:1d:6c:03:16:27:ea:fc:5b:0f:18:27:f4:c7:a0:72:
         da:83:61:fa:53:e8:35:80:04:4a:7c:31:57:0a:df:14:1b:5b:
         2c:40:87:55:1f:7d:ae:3a:3b:5b:ea:56:dd:c2:53:70:73:b9:
         cf:bd:43:5d:bb:e6:4d:2e:f3:62:69:6d:97:5f:cf:77:8e:f2:
         e9:cf:ba:ab
-----BEGIN CERTIFICATE-----
MIIDejCCAmKgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJDTjEL
MAkGA1UECAwCYmoxCzAJBgNVBAcMAmJqMQ8wDQYDVQQKDAZob25neWkxDzANBgNV
BAsMBmhvbmd5aTEPMA0GA1UEAwwGYWxpeXVuMB4XDTIwMTIxODAzMjgwMFoXDTIx
MTIxODAzMjgwMFowVDELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAmJqMQ8wDQYDVQQK
DAZob25neWkxDzANBgNVBAsMBmhvbmd5aTEWMBQGA1UEAwwNbWFjcm93aW5nLmNv
bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMjECl4vwx6yE4jhL7F7
SWb22g2F/5Sno2+M5jAx2jdvoT8HqYBdIiNfSkBoZOXzen8uoXvohBa5YY66Gadn
dHMBMVENorADW8YcuekShmrbIcRaKgey3bTr/27utKa/JPuHHi6himCZipRTlhQR
kSR36WRYTEmwuEgpu6D/0gUxO8Lk+NTYPtDLaiXshSLv1N7tOw0+JXxqMetOgd/8
XRcjFLM9coHFz7TJuI8A1kvq1Jmm7hr/AN8RNlKgyzlGpbl6+7uFlcC0A+rEs2rB
tjlG/Vw1/AfSmKAbqr9g7XKjh65l5K3trK+5TqnjF8TiFUwTlzYPdM2JNZH0qtSl
uz8CAwEAAaNRME8wCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwNQYDVR0RBC4wLIIN
bWFjcm93aW5nLmNvbYIPKi5tYWNyb3dpbmcuY29thwTAqALHhwTAqQIBMA0GCSqG
SIb3DQEBCwUAA4IBAQCZ+iTYFJTC10LztIcvVLfFLAQjcb7+w/o97zkoTF1yOHy8
ysvRVtIA/y9osCvrcWgQpmhZJlTWs4U5gs/Xp4lgkewSaNFGwBe0f1a97Qwrnnqm
LGIInZzQlPA3fYowBdXUVMfyEc/wgRQnYeIW7AQ+A0vzn5CkDxLkBrzjmFcrKB1Y
Op5X/c+qTGA9Ysrvox2rH7ov02ZNOoCmKpbYnjsKaXem8WYSKem0DHJOuc1ePEvw
FvgFWvgdbAMWJ+r8Ww8YJ/THoHLag2H6U+g1gARKfDFXCt8UG1ssQIdVH32uOjtb
6lbdwlNwc7nPvUNdu+ZNLvNiaW2XX893jvLpz7qr
-----END CERTIFICATE-----


7. 
openssl x509 -in macrowing.com.crt -out macrowing.com.pem -outform PEM


8. 
openssl pkcs12 -export -in macrowing.com.crt -inkey macrowing.com.key -passin pass:wso2carbon -name wso2carbon -chain -CAfile CA.crt -password pass:wso2carbon -caname ziqianca -out wso2carbon.p12



9.
1.查看p12证书
keytool -rfc -list -keystore wso2carbon.p12 -storetype pkcs12    密码是:changeit


10.
keytool -importkeystore -srckeystore wso2carbon.p12 -srcstoretype PKCS12 -deststoretype JKS -destkeystore wso2carbon.jks
正在将密钥库 wso2carbon.p12 导入到 wso2carbon.jks...
输入目标密钥库口令:  
再次输入新口令: 
输入源密钥库口令:  
已成功导入别名 wso2carbon 的条目。
已完成导入命令: 1 个条目成功导入, 0 个条目失败或取消

Warning:
JKS 密钥库使用专用格式。建议使用 "keytool -importkeystore -srckeystore wso2carbon.jks -destkeystore wso2carbon.jks -deststoretype pkcs12" 迁移到行业标准格式 PKCS12。

然后配置nginx或者Apache或者tomcat就可以了

租房请下载:房东直租APP
关注
  • 1
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
本地自签https证书
你是魔鬼吧
07-18 4781
本地自签https证书
MyWebServer应用,http或https访问
最新发布
06-08
总之,MyWebServer是一款方便的本地Web服务器软件,通过它,用户可以便捷地实现HTTP和HTTPS服务,为开发、测试和学习Web技术提供了有力的支持。其简单易用的配置界面和自动保存功能,使它成为初学者和专业人士的得力...
本地域名自签SSL证书并本地信任
q764535104的博客
12-29 942
用win10的hosts配本地域名,以centos7.6服务器为例,用openssl生成证书,适用自用网站,自用api,自签证书,ip证书
数字证书制作工具itisscg.exe
12-11
这是一个用.NET开发的证书生成工具,图形界面。这个工具小巧玲珑,只有200多K,需要.NET4.6的支持。 生成证书含有subject Alternative Name。具体可见文章:https://blog.csdn.net/leftfist/article/details/81433372
本地生成Https证书(Windows)
huyaguang的专栏
12-05 4989
本地生成Https证书(Windows)
自建HTTPS证书
阿祥_CSDN
07-13 5853
在做 Web 相关开发的时候,有可能需要在本地搭建 https 的环境,而在 https 环境的过程中,需要私钥和证书文件,本文提供自建证书的方案供读者参考。
理解HTTPS/TLS/SSL(一)基础概念+配置本地自签证书
特别享受思考问题的过程
08-27 2491
对于HTTPS、TLS、SSL相关的概念,平时也是时常接触到。看过几篇文章之后,总以为自己真正了解了,实际上碰到问题时才知道,自己恐怕连入门都算不上。所以打算入个门,补上这一部分的基础知识,对于更深层次的东西,例如各种标准的解读,则不打算深入。
wytamma.github.io:https
03-08
HTTPS实现通常需要SSL/TLS证书,对于GitHub Pages,用户可以通过Let's Encrypt等免费证书提供商获取证书。 6. **本地开发**: "bundle exec jekyll serve"命令启动一个本地开发服务器,开发者可以在浏览器中实时...
jaywcjlove.github.io:https
05-26
6. **HTTPS设置**:启用HTTPS可能涉及到在GitHub Pages的设置中添SSL证书,或者通过CNAME文件指向使用Cloudflare等第三方服务实现。 综上所述,这个项目是一个个人展示网站,使用HTML进行页面结构设计,并可能...
迷你web服务器架设软件
11-22
6. **安全设置**:了解防火墙规则、SSL/TLS证书以及防止未授权访问的重要性。 7. **错误日志和调试**:学习查看服务器日志以排查问题,以及如何调试服务器和脚本错误。 8. **数据存储**:如果软件包含数据库支持,...
pnp.github.io:用于https的GitHub页面设置的根存储库
03-19
【标题】"pnp.github.io" 是一个针对GitHub Pages的项目,主要目的是为用户提供通过HTTPS访问的个人或组织网站服务。GitHub Pages是一个静态站点托管服务,由GitHub提供,用户可以利用这个服务展示个人作品、博客...
通讯录,带搭建教程,用于自用,交流
08-18
如果是远程服务器,可能需要配置域名解析和SSL证书实现HTTPS安全访问。 6. **测试**:最后,进行功能测试,确保添、修改、删除和搜索联系人等功能正常工作。 综上所述,搭建一个自用的通讯录系统涉及的技术栈...
httpd-2.4.39-win64-VC15.zip
01-31
4. **安全设置**:包括SSL/TLS证书配置,以实现HTTPS密连接,以及访问控制和防火墙规则。 5. **日志记录**:Apache可以记录各种日志,如访问日志、错误日志,有助于监控服务器性能和排查问题。 PHP的集成意味着...
codeserver是一个在线版的VSCode可以通过浏览器访问
08-12
3. **配置域名与SSL**:为提供更专业的服务,你可以绑定自定义域名,并启用SSL证书以确保数据传输的安全性。 4. **用户认证与授权**:code-server支持多种身份验证方法,包括基本的HTTP身份验证、OAuth2和其他第三...
邮件服务
01-23
这涉及到设置域名、DNS记录(MX记录指定邮件服务器)、SSL证书以确保通信安全,以及端口设置(如SMTP的25号端口,POP3的110号端口,IMAP4的143号端口)。 2. 邮件过滤:为了防止垃圾邮件和恶意邮件,邮件服务器需要...
SSL 证书配置
b_tyro的博客
05-09 3896
在客户端安装根证书实现客户端校验,可能会因为根证书过期失效或策略变更等导致访问失败或访问提示不安全,不推荐使用该方式,推荐安装根证书到系统默认信任库,并使用系统默认信任库进行客户端校验。总的来说,通常建议对于需要保护用户数据、涉及交易及其他敏感操作的网站,应选择 OV 或 EV 类型的 SSL/TLS 证书,以提供更高等级的身份验证、可靠性和信任度。如果业务用户通过Java等客户端访问服务器,由于客户端没有内置根证书和中间证书,可能需要下载根证书和中间证书,具体操作,请参见。下面是它们之间的主要区别。
[HTTPS] 免费获取安全证书并配置HTTPS
m0_59598029的博客
01-24 2014
如何免费获取安全证书并配置HTTPS
本地测试使用自签证书以开启网站https(例子说明:Nginx、Tomcat)
MysticalDream的博客
05-16 8776
数字证书是由证书颁发机构(CA)签名并颁发的电子文件,用于建立网络连接的身份认证和密通信。SSL 证书是数字证书的一种。
局域网内多台机器使用自签证书架设https网站二:实施
热门推荐
左直拳的马桶_日用桶
08-05 1万+
前文再续,接上一回。上一篇文章说了局域网内多台机器使用自签证书架设https网站的原理,现在接着介绍实现方法和步骤: 1、以一台机器作为根证书服务器(其实就是CA了),负责生成根证书 2、所有网站的证书,都由这张根证书来签发 3、访问所有网站的客户端,都导入这张根证书到自己的“受信任的根证书颁发机构”里 一、生成根证书 生成根证书应该有许多种: 1、如果操作系统是server,...
详述:配置HTTPS服务器与SSL证书的步骤
访问证书状态页面,查看并下载颁发成功的证书文件。 6. **在服务器上安装证书** 回到IIS管理器,再次选择“默认网站”的属性,进入“目录安全性”选项卡,点击“服务证书”进行安装。指定证书文件路径,按默认...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值