One. Basic knowledge
1.https
Anti-deception, mutual for each other to contact the subject.
Tamper-proof and can be perceived after the original data is altered.
Anti-sniffing, data content is not known to outsiders.
Anti-replay, anti-hijacking class replay attack, the data sent once after the error occurs. (See: HTTP://CNODEJS.ORG/TOPIC/557C354D16839D2D539362B6)
2.ssl/tls
3. Encryption algorithm
4. Certificate, X509, format
5.pem,der,pfx,csr,crt
6.makecert.exe
Keytool
Let ' s encrypt for free
Two.
Three.
Four. Attack
Five. Ref URL:
http://blog.csdn.net/u013424496/article/details/51161647
http://blog.csdn.net/u013424496/article/details/51161370
Http://www.cnblogs.com/aiqingqing/p/4503049.html
http://blog.csdn.net/popozhu/article/details/5793923
http://blog.csdn.net/lmj623565791/article/details/48129405
Https://github.com/asmrobot/ACMESharp
Http://www.cnblogs.com/denny-duan/p/apply-free-ssl-ca-win7-powershell-letsencrypt.html
Http://www.cnblogs.com/chinajava/p/5887538.html
Http://www.laozuo.org/7676.html
http://blog.csdn.net/i348018533/article/details/50788703
https://ksmx.me/letsencrypt-ssl-https/?utm_source=v2ex&utm_medium=forum&utm_campaign=20160529
Use HTTPS and self-signed certificates for the app interface