The code is as follows
Copy Code
OpenSSL x509-req-days 3650-in hupohost.csr-signkey hupohost.key-out hupohost.crt
Here 3650 is the certificate validity period recommendation 3650 haha. This is random. The last file to use is key and CRT files.If you need to use a PFX you can use the following command to generate
The code is as follows
Copy Code
OpenSSL pkcs12-export-inkey hupohost.key-in hupohost.crt-out hupohost.pfx
Https is also an ssl certificate. We generally think that https is secure, but the credit chain system of the SSL certificate is not secure. In particular, man-in-the-middle attacks are equally feasible in some countries where you can control CA root certificates. In addition, when the client is implanted with countless backdoors and Trojans, HTTPS connections have very limited functions.Why I don't use
By default, the SSL module is not installed. To use this module, You need to specify the-with-http_ssl_module parameter during compilation. The installation module depends on the OpenSSL library and some reference files, these files are usually not in the same software package. Generally, this file name is similar to libssl-Dev.Generate Certificate
To generate a simple certificate, follow these steps:First, go to the directory where you want to create
This article uses the Nginx source installation1. Download Nginx Source Packagewget Http://nginx.org/download/nginx-1.8.0.taror login to the Nginx website to download a higher version2, Nginx installation needs other environment supportDoes the environment have GCC installed
1. Installing OpenSSLsudo apt-get install OpenSSLsudo apt-get install Libssl-dev2. Place the corresponding certification file Domain.crt,domain.key under/etc/nginx/sslAdd the following to the corresponding virtual host configuration file in Site-avaliableserver {Listen 443;server_name domain.com;root/var/www/project folder;Index index.php index.html index.htm;SSL on;SSL_CERTIFICATE/ETC/
Because the site needs to use HTTPS to register the user
Small white from the STARTSSL application to the certificate, do not know the swelling and PHP program combined to use
First of all, the operation of the small white Program environment, hope to get help from everyone
1) Nginx Agent network Apache working method processing PHP Script
2) The website program uses MVC mode 3) is also very difficult to configure the
: This article describes how to configure HTTPS support for nginx using the ssl module. For more information about PHP tutorials, see. By default, the ssl module is not installed. to use this module, you need to specify the-with-http_ssl_module parameter during compilation. the installation module depends on the OpenSSL library and some reference files, these fil
Nginx support for multiple domain name SSL certificate is required OpenSSL library support, centos5.x OpenSSL library itself does not support this feature, the need to download the compilation, the following steps
wget https://www.openssl.org/source/old/0.9.x/openssl-0.9.8zh.tar.gzTar zxvf./openssl-0.9.8zh.tar.gzCD./openssl-0.9.8zh./config Enable-tlsextMakeMake installNginx also want to recompile, add th
Add Comodo SSL Certificate for Nginx
Install Nginx First, install Nginx on your Linux distribution, or refer to Nginx's official installation tutorials.
1. Merge the obtained certificates according to the contents of the obtained SSL certificate
If you get four certificat
All HTTP requests in the recent project have to be upgraded to HTTPS, and an SSL certificate with an Nginx configuration is practiced.
Since our certificate is issued by the company, the experience of applying for a certificate is omitted, and the application for free certificate can be searched by itself.
The certificate received is divided into two files, one is XXX.CRT, the other is Xxx.key, and the corr
Generate private keys (key) and certificate request files (CSR)
Open the terminal and enter the following command
OpenSSL req-new-newkey rsa:2048-nodes-keyout domain.key-out DOMAIN.CSR
The build process asks several common questions, such as city, country, and so on.
Finally will ask challenge password, the input time remembers is OK.
After the above command is executed, the current directory will have "Domain.key" and "DOMAIN.CSR" files
Goddy Certificate
After the purchase of
Spring Boot + Nginx + Tomcat + SSL configuration notes
If your tomcat application requires ssl to enhance security, one way is to configure tomcat to support ssl, And the other way is to use nginx reverse proxy tomcat, then, configure ng
key)There is an open-source private key export tool called java-exportpriv. It is a simple java program. After downloading it, you can refer to its instructions, compile it, and run it. It is very simple and I will not be too long..3.2 Create a certificate chainUnlike Apache, Nginx does not have the Certificat Chain parameter, so you need to merge your certificate and intermediate certificate. It's easy to merge certificates by creating a first file
/private/.rand # private random number file
[Req_distinguished_name]CountryName = Country Name (2 letter code)Countryname_default = CNCountryname_min = 2Countryname_max = 2Stateorprovincename = State or province name (full name)Stateorprovincename_default = FJLocalityname = locality Name (eg, city)Localityname_default = FZ0.organizationName = Organization Name (eg, company)0.organizationname_default = ZdzOrganizationalunitname = organizational unit Name (eg, section)Organizationalunitname_defau
Nginx uses SSL module to configure HTTPS supporthttp://blog.csdn.net/xuxile/article/details/53609700How to add a Http_ssl_module module to a successful installation of the Nginx compilerhttp://blog.csdn.net/tunrijituan/article/details/62249344Nginx uses SSL module configuration to support HTTPS accessHttp://www.cnblogs
Create a server private keyOpenSSL genrsa-des3-out Server.key 1024Create a certificate for the signing request (CSR)OpenSSL Req-new-key server.key-out SERVER.CSRload SSL-supported Nginx and remove the required password when using the above private key:CP Server.key server.key.org OpenSSL rsa-in server.key.org-out server.keyThe last token certificate uses the above private key and the CSROpenSSL x509-req-day
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.