http传输协议的加密

苒苒鸭2025-06-03 18:56

创建目录存放签证

复制代码 
[root@server100 ~]# mkdir /etc/nginx/certs
[root@server100 ~]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt
..........+......+......+......+...+....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+.+..+...+....+..+...+......+.+...+........+...+.......+...+..+....+.........+...............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.......+.....+.........+.......+...+..............+.......+.........+.....+....+..+.+...+..+.........+......+...+.+......+..............................+........+.+...+.....+..........+..+.+........+..........+......+........+.............+.....+...+......+....+......+.....+.+..+...+......................+...+...+...............+..+.......+..+....+.....+.+......+...+..+...+....+..+.+..+.+....................+......+......+.........+......+.......+......+..+.............+......+........+...+....+....................+....+............+........+.+....................+...+.......+...+.....+.+.....+.......+..+.......+.....+...+......+.........+..........+.....+.......+...........+...............+.........+....+....................+....+......+.....+......+....+......+...+..+...+...+..........+..............+.+..+...............+.+.....+....+...+..+......+.+...+...+..+.......+........+......+.+......+.....+...+.+.....+.+..............+...+.+..+.........+...+.............+.....+.........+..........+.........+.....+......+...+..........+..+.+........................+........+.+............+..+...+....+......+...+...............+..+...+......+.............+..+.+..................+......+...+...........+.+...+........+...................+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
........+..+.........+....+.....+.+.................+....+......+..+......+.+.........+.....+.+........+.+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+...+..+.+........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+..+...+....+...+..+...+...............+..................+...+.+......+.................+............+.........+...................+......+.....+......+.........+....+...+.....+...+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shanxi
Locality Name (eg, city) [Default City]:Xi'an
Organization Name (eg, company) [Default Company Ltd]:timinglee
Organizational Unit Name (eg, section) []:webserver
Common Name (eg, your name or your server's hostname) []:www.timinglee.org
Email Address []:admin@timinlee.org

进行查看

复制代码 
[root@server100 ~]# ls /etc/nginx/certs/
timinglee.org.crt  timinglee.org.key
复制代码 
[root@server100 ~]# vim /etc/nginx/conf.d/vhosts.conf
server {
        listen 443 ssl;
        server_name login.timinglee.org;
        ssl_certificate "/etc/nginx/certs/timinglee.org.crt";
        ssl_certificate_key "/etc/nginx/certs/timinglee.org.key";
        root /usr/share/nginx/virtual/login;
        index index.html;
}
[root@server100 ~]# mkdir -p /usr/share/nginx/virtual/login
[root@server100 ~]# echo login.timinglee.org > /usr/share/nginx/virtual/login/index.html
[root@server100 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@server100 ~]# systemctl restart nginx.service

最后在windows里面测试,效果明显

首先在windows里面也要做解析

C:\Windows\System32\drivers\etc这个目录下的hosts里面,添加172.25.254.100 login.timinglee.org

然后在浏览器里面进行访问

选择高级,继续查看

强制走加密

root@server100 \~\]# vim /etc/nginx/conf.d/vhosts.conf 在443上面添加 server { listen 80; server_name login.timinglee.org; rewrite \^/(.\*)$ https://login.timinglee.org/$1 permanent; } 同样也需要做本地解析 \[root@server100 \~\]# curl -I login.timinglee.org/hehe HTTP/1.1 301 Moved Permanently Server: nginx/1.20.1 Date: Thu, 29 May 2025 09:31:06 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: https://login.timinglee.org/hehe

相关推荐
教练、我想打篮球3 小时前
120 同样的 url, header, 参数, 使用 OkHttp 能够成功获取数据, 使用 RestTemplate 报错
http·okhttp·resttemplate·accept
zfj3213 小时前
websocket为什么需要在tcp连接成功后先发送一个标准的http请求,然后在当前tcp连接上升级协议成websocket
websocket·tcp/ip·http
杀手不太冷!3 小时前
Jenkins的安装与使用;git clone url的时候,url为http和ssh时候的区别
git·http·jenkins
irisart5 小时前
第二章【NGINX 开源功能】—— HTTP 服务器(下)
nginx·http·开源
Neolnfra21 小时前
渗透测试标准化流程
开发语言·安全·web安全·http·网络安全·https·系统安全
fiveym1 天前
Apache HTTP 服务搭建全攻略
网络协议·http·apache
2501_915106321 天前
HTTP 协议详解,HTTP 协议在真实运行环境中的表现差异
网络·网络协议·http·ios·小程序·uni-app·iphone
GanGuaGua1 天前
计算机网络:HTTP报文
网络·网络协议·计算机网络·http
YY&DS1 天前
《Qt 手写 HTTP 登录服务实战》
开发语言·qt·http
默凉1 天前
c++使用http发送图像
开发语言·c++·http
热门推荐
01GitHub 镜像站点02UV安装并设置国内源03Linux下V2Ray安装配置指南04安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)05RedissonClient的配置解析06在VSCode配置Java开发环境的保姆级教程(适配各类AI编程IDE)07BongoCat - 跨平台键盘猫动画工具08Open-AutoGLM Windows 安装部署教程09jdk21下载、安装(Windows、Linux、macOS)10Labelme从安装到标注:零基础完整指南