http传输协议的加密

苒苒鸭2025-06-03 18:56

创建目录存放签证

复制代码 
[root@server100 ~]# mkdir /etc/nginx/certs
[root@server100 ~]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt
..........+......+......+......+...+....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+.+..+...+....+..+...+......+.+...+........+...+.......+...+..+....+.........+...............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.......+.....+.........+.......+...+..............+.......+.........+.....+....+..+.+...+..+.........+......+...+.+......+..............................+........+.+...+.....+..........+..+.+........+..........+......+........+.............+.....+...+......+....+......+.....+.+..+...+......................+...+...+...............+..+.......+..+....+.....+.+......+...+..+...+....+..+.+..+.+....................+......+......+.........+......+.......+......+..+.............+......+........+...+....+....................+....+............+........+.+....................+...+.......+...+.....+.+.....+.......+..+.......+.....+...+......+.........+..........+.....+.......+...........+...............+.........+....+....................+....+......+.....+......+....+......+...+..+...+...+..........+..............+.+..+...............+.+.....+....+...+..+......+.+...+...+..+.......+........+......+.+......+.....+...+.+.....+.+..............+...+.+..+.........+...+.............+.....+.........+..........+.........+.....+......+...+..........+..+.+........................+........+.+............+..+...+....+......+...+...............+..+...+......+.............+..+.+..................+......+...+...........+.+...+........+...................+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
........+..+.........+....+.....+.+.................+....+......+..+......+.+.........+.....+.+........+.+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+...+..+.+........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+..+...+....+...+..+...+...............+..................+...+.+......+.................+............+.........+...................+......+.....+......+.........+....+...+.....+...+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shanxi
Locality Name (eg, city) [Default City]:Xi'an
Organization Name (eg, company) [Default Company Ltd]:timinglee
Organizational Unit Name (eg, section) []:webserver
Common Name (eg, your name or your server's hostname) []:www.timinglee.org
Email Address []:admin@timinlee.org

进行查看

复制代码 
[root@server100 ~]# ls /etc/nginx/certs/
timinglee.org.crt  timinglee.org.key
复制代码 
[root@server100 ~]# vim /etc/nginx/conf.d/vhosts.conf
server {
        listen 443 ssl;
        server_name login.timinglee.org;
        ssl_certificate "/etc/nginx/certs/timinglee.org.crt";
        ssl_certificate_key "/etc/nginx/certs/timinglee.org.key";
        root /usr/share/nginx/virtual/login;
        index index.html;
}
[root@server100 ~]# mkdir -p /usr/share/nginx/virtual/login
[root@server100 ~]# echo login.timinglee.org > /usr/share/nginx/virtual/login/index.html
[root@server100 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@server100 ~]# systemctl restart nginx.service

最后在windows里面测试,效果明显

首先在windows里面也要做解析

C:\Windows\System32\drivers\etc这个目录下的hosts里面,添加172.25.254.100 login.timinglee.org

然后在浏览器里面进行访问

选择高级,继续查看

强制走加密

root@server100 \~\]# vim /etc/nginx/conf.d/vhosts.conf 在443上面添加 server { listen 80; server_name login.timinglee.org; rewrite \^/(.\*)$ https://login.timinglee.org/$1 permanent; } 同样也需要做本地解析 \[root@server100 \~\]# curl -I login.timinglee.org/hehe HTTP/1.1 301 Moved Permanently Server: nginx/1.20.1 Date: Thu, 29 May 2025 09:31:06 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: https://login.timinglee.org/hehe

相关推荐
阿珊和她的猫11 小时前
HTTP 状态码 301 和 302 的区别与使用场景
网络·网络协议·http
6***941516 小时前
报错The default superclass, “jakarta.servlet.http.HttpServlet“(已经配置好tomcat)
http·servlet·tomcat
记得记得就15121 小时前
【Nginx 实战系列(一)—— Web 核心概念、HTTP/HTTPS协议 与 Nginx 安装】
前端·nginx·http
阿珊和她的猫1 天前
HTTP 状态码 304:未修改(Not Modified)的深度解析
网络协议·http·状态模式
chuxinweihui2 天前
应用层协议 HTTP
linux·服务器·网络·网络协议·http
chuxinweihui2 天前
HTTP cookie 与 session
网络·网络协议·http
RocketJ2 天前
TCP、Telepathy 和 HTTP 三者关系
网络协议·tcp/ip·http
默恋~微凉2 天前
Shell(九)——HTTP与HTTPS协议
网络协议·http·https
fei_sun2 天前
【复习】计网每日一题1121大题--HTTP/1.0、HTTP/1.1、持续连接、非持续连接、并行连接、Web、JPEG图像
网络·网络协议·http
Yan-英杰2 天前
解决方案: CondaHTTPError: HTTP 000 CONNECTION FAILED for url
网络·网络协议·http
热门推荐
01GitHub 镜像站点02【保姆级教程】免费使用Gemini3的5种方法!免翻墙/国内直连03BongoCat - 跨平台键盘猫动画工具04UV安装并设置国内源05安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)06Linux下V2Ray安装配置指南07Google Antigravity:无法登录?早期错误、登录修复和用户反馈指南08Labelme从安装到标注:零基础完整指南09全球最强模型Grok4,国内已可免费使用!(附教程)1046个Nano-banana 精选提示词,持续更新中