Concept
What is Container?Www.docker.com/resources/what-containerWww.docker.com/why-docker
What is let ' s Encrypt?Let's Encrypt is a free, automated, and open Certificate authority.
Installation
Installing Dockerdocs.docker.com/install/linux/docker-ce/ubuntu/
Get imagesdocker pull linuxserver/letsencrypt
Details of the main characters and how to use:
Hub.docker.com/r/linuxserver/letsencrypt
Github.com/linuxserver/docker-letsen
MQTT serves as the push message pushing protocol for Android clients. The Android client needs to connect to the MQTT Proxy server via SSL/TLS for encrypted transmission of messages. Implementing this process requires two support, one for the MQTT protocol client and the other for the MQTT proxy server. There are many open-source Mqtt proxy servers, and I choose to use Mosquitto Broker.
Mosquitto install to Windows, I use Windows as the Mosquitto Proxy server
2. Installing OpenSSL
3.
OpenSSL generates certificates[Email protected] key]$ pwd/app/nginx/key
generate private key OpenSSL genrsa-out server.key 2048
Generate certificate request OpenSSL Req-new-key server.key-out SERVER.CSR
Fill in information [[emailprotected] key]$ OpenSSL req-new-key server.key-out server.csryou is about to B E asked to enter information
For details, see Tomcat help documentation,: https: // localhost: 8080/tomcat-docs/ssl-howto.html.1. Use keytool to generate a certificate:Keytool-genkey-alias tomcat-keyalg RSA-keystore C:/tomcat/mykeyNote:Here-alias Tomcat indicates that the generated certificate alias is tomcat,-keyalg RSA refers to the RSA algorithm used,-keystore C: /tomcat/mykey indicates the storage location of the generated
hostname, such as:"CN": "System:node:k8s01"Execute script./node.shComplete the above steps, in initializing the Kubernetes cluster, if the certificate and configuration file exist, use the existing[Certificates]usingtheexistingcacertificateandkey. [Certificates]usingtheexistingapiservercertificateandkey. [certificates]usingtheexistingapiserver-kubelet-clientcertificateand Key. [Certificates]usingtheexistingsakey. [Certificates]usingtheexistingfront-p
Use openssl in linux to generate a csrcrchloroform Certificate
This article mainly draws on and references the content of the following two addresses, then tests and runs on the machine, and makes the following records.
Create the test directory mkdir/tmp/create_key/ca cd/tmp/create_key/
Certificate file generation:
I. Server Side
1.
The first thing to do with the push service is to get the push certificate. It is used to identify your communication with apns through SSL.
Generate an SSL Certificate for Apple push notification on Mac:
Log on to the iPhone developer connection portal and click app IDs.
Create an app ID that does not use wildcards. The
.
Keytool stores the key and certificate to a keystore. The keystore is a file which uses a password to protect the key.
Another tool, jarsigner, uses the information in the keystore to generate or test the digital signature in the Java archive (JAR file.
The keystore has two diff
From: http://liujy1111.blog.163.com/blog/static/49739712008842372293/
However, when I follow the steps above, the HTTPS service will not start, and the certificate file will always be prompted that it does not exist or the format is invalid. After a long time, I finally got it done. Here I will summarize it.
Environment Information:
Software Version installation path
Tomcat APACHE-Tomcat-7.0.11 D:/tomcat/Apache-Tomcat-7.0.11
OpenSSL 0.9.8k 25 Mar 2
First generate a certificate with Keytool1 Generating keyD:/>keytool-genkey-alias wenger-keysize 1024-keypass Abcdef-keystore MyKeysTore-storepass Abcdef-dname "Cn=chen Sr, Ou=tanglab, O=lab, L=gz, ST=GD, C=CN"2 Export key, save in the form of certificateD:/>keytool-export-alias wenger-file Mycert.cer-keystore Mykeystore-storepass abcdefCertificates saved in a file Read the certificate's information in Java
seed .
So far, the work has been smooth, now see if you have a certificate issued ( distribution certificate ). Open Keychain Tool:
Don't doubt, in the focus we use Xcode to the server request, automatically generated and downloaded! But how to make it by hand? Here to teach you. Same as first to Certificate->Production medium, press + to create new.
Che
1. to generate a self-signed certificate, you usually need to configure an https server and an X509 certificate that is authenticated by a formal CA. When the client connects to the https server, the CA's common key is used to check whether the certificate is correct. However, it is very troublesome to obtain the CA
Generate an SSL Certificate for Windows Remote Desktop Service
Windows supports SSL-encrypted remote desktop services from 2000. You only need to specify a certificate in the remote desktop service settings, the SSL option will appear in the encryption method set by RDP (the self-authenticated certificate for remote de
1. Login to IPhone Developer Connection Portal (http://developer.apple.com/iphone/manage/overview/index.action) and click on App IDs2. Create an App ID that does not use a wildcard character. Wildcard IDs cannot be used with push Notification Services. For example, Com.itotem.iphone3. Click "Configure" next to the app ID and press the button to produce the push notification license. Follow the steps in the
1. log on to the iPhoneDeveloperConnectionPortal and click AppIDs2 to create an AppID without wildcards. The wildcard ID cannot be used for the Push Notification Service. For example, our iPhone program ID is like this: ab123366cdcomserverdens
1. log on to the iPhone Developer Connection Portal and click App IDs.2. create an App ID that does not use wildcards. The wildcard ID cannot be used for the Push Not
:13:cf:46:38:ac:77Sha1:8c:cb:76:50:db:34:35:c5:95:49:da:9e:18:22:b0:f9:af:73:c8:f58. Export the certificate to a certificate file (the certificate file is encoded in binary, cannot be viewed with a text editor, does not utilize the advertisement certificate)C:/jdk1.5.0_04/bin>keytool-export-alias dyfca-file Dyfca.cer-k
# Cd/usr/local/apache2/certificate # cdssl. the ca-0.1 generates the root certificate: #./new-root-ca.sh (generate the root certificate) NoRootCAkeyround. GeneratingoneGeneratingRSAprivatekey ,...
# Cd/usr/local/apache2/conf# Tar zxvf ssl.ca-0.1.tar.gz# Cd ssl. ca-0.1Generate the root
From February 14 onwards, the students who upload the program may encounter hints that failed to upload.and open your keychain and find that all certificates show that this certificate issuer is invalid.The following conditions occur:Failed to locate or generate matching signing assetsXcode attempted to locate or generate matching signing assets and failed to doi
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.