http传输协议的加密

苒苒鸭2025-06-03 18:56

创建目录存放签证

复制代码 
[root@server100 ~]# mkdir /etc/nginx/certs
[root@server100 ~]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt
..........+......+......+......+...+....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+.+..+...+....+..+...+......+.+...+........+...+.......+...+..+....+.........+...............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.......+.....+.........+.......+...+..............+.......+.........+.....+....+..+.+...+..+.........+......+...+.+......+..............................+........+.+...+.....+..........+..+.+........+..........+......+........+.............+.....+...+......+....+......+.....+.+..+...+......................+...+...+...............+..+.......+..+....+.....+.+......+...+..+...+....+..+.+..+.+....................+......+......+.........+......+.......+......+..+.............+......+........+...+....+....................+....+............+........+.+....................+...+.......+...+.....+.+.....+.......+..+.......+.....+...+......+.........+..........+.....+.......+...........+...............+.........+....+....................+....+......+.....+......+....+......+...+..+...+...+..........+..............+.+..+...............+.+.....+....+...+..+......+.+...+...+..+.......+........+......+.+......+.....+...+.+.....+.+..............+...+.+..+.........+...+.............+.....+.........+..........+.........+.....+......+...+..........+..+.+........................+........+.+............+..+...+....+......+...+...............+..+...+......+.............+..+.+..................+......+...+...........+.+...+........+...................+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
........+..+.........+....+.....+.+.................+....+......+..+......+.+.........+.....+.+........+.+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+...+..+.+........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+..+...+....+...+..+...+...............+..................+...+.+......+.................+............+.........+...................+......+.....+......+.........+....+...+.....+...+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shanxi
Locality Name (eg, city) [Default City]:Xi'an
Organization Name (eg, company) [Default Company Ltd]:timinglee
Organizational Unit Name (eg, section) []:webserver
Common Name (eg, your name or your server's hostname) []:www.timinglee.org
Email Address []:admin@timinlee.org

进行查看

复制代码 
[root@server100 ~]# ls /etc/nginx/certs/
timinglee.org.crt  timinglee.org.key
复制代码 
[root@server100 ~]# vim /etc/nginx/conf.d/vhosts.conf
server {
        listen 443 ssl;
        server_name login.timinglee.org;
        ssl_certificate "/etc/nginx/certs/timinglee.org.crt";
        ssl_certificate_key "/etc/nginx/certs/timinglee.org.key";
        root /usr/share/nginx/virtual/login;
        index index.html;
}
[root@server100 ~]# mkdir -p /usr/share/nginx/virtual/login
[root@server100 ~]# echo login.timinglee.org > /usr/share/nginx/virtual/login/index.html
[root@server100 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@server100 ~]# systemctl restart nginx.service

最后在windows里面测试,效果明显

首先在windows里面也要做解析

C:\Windows\System32\drivers\etc这个目录下的hosts里面,添加172.25.254.100 login.timinglee.org

然后在浏览器里面进行访问

选择高级,继续查看

强制走加密

root@server100 \~\]# vim /etc/nginx/conf.d/vhosts.conf 在443上面添加 server { listen 80; server_name login.timinglee.org; rewrite \^/(.\*)$ https://login.timinglee.org/$1 permanent; } 同样也需要做本地解析 \[root@server100 \~\]# curl -I login.timinglee.org/hehe HTTP/1.1 301 Moved Permanently Server: nginx/1.20.1 Date: Thu, 29 May 2025 09:31:06 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: https://login.timinglee.org/hehe

相关推荐
Mr_Xuhhh10 小时前
NAT、代理服务、内网穿透
网络·网络协议·http·https·udp·智能路由器
weisian1511 天前
HTTP协议-3-HTTP/2是如何维持长连接的?
网络·网络协议·http
xie_pin_an1 天前
网络原理与编程实战:从 TCP/IP 到 HTTP/HTTPS
网络·tcp/ip·http
teeeeeeemo1 天前
如何做HTTP优化
前端·网络·笔记·网络协议·http
weisian1511 天前
HTTP协议-4-浏览器是怎么抉择HTTP版本的?
网络·网络协议·http
水冗水孚2 天前
图文并茂讲解nginx中http升级https(部署SSL证书)知识点总结
nginx·http·https
athink_cn2 天前
HTTP/2新型漏洞“MadeYouReset“曝光:可发动大规模DoS攻击
网络·网络协议·安全·http·网络安全
网络研究院3 天前
新的“MadeYouReset”方法利用 HTTP/2 进行隐秘的 DoS 攻击
网络·网络协议·安全·http·攻击·漏洞
玩转以太网3 天前
基于W55MH32Q-EVB 实现 HTTP 服务器配置 OLED 滚动显示信息
服务器·网络协议·http
清源妙木真菌3 天前
应用层协议——HTTP
网络·网络协议·http
热门推荐
01UV安装并设置国内源02DeepSeek更新!速览DeepSeek V3.1新特性03Qwen3-Coder 快速上手教程 | Qwen Code + Claude Code04KGG转MP3工具|非KGM文件|解密音频05蜘蛛磁力 搜索引擎大全,如何使用蜘蛛磁力查找磁力链接06【2025.08.06最新版】Android Studio下载、安装及配置记录(自动下载sdk)072025最新国内服务器可用docker源仓库地址大全(2025年8月更新)08阿里开源首个图像生成基础模型——Qwen-Image本地部署教程,超强中文渲染能力刷新SOTA!09NVIDIA显卡驱动、CUDA、cuDNN 和 TensorRT 版本匹配指南10TRAE 规则(Rules)配置指南:个人习惯、团队规范与最佳实践