{"id":7556,"date":"2022-09-26T22:07:42","date_gmt":"2022-09-26T14:07:42","guid":{"rendered":"https:\/\/blog.iyatt.com\/?p=7556"},"modified":"2024-05-05T14:18:43","modified_gmt":"2024-05-05T06:18:43","slug":"%e7%bd%91%e7%ab%99%e9%85%8d%e7%bd%ae-https","status":"publish","type":"post","link":"https:\/\/blog.iyatt.com\/?p=7556","title":{"rendered":"\u7f51\u7ad9\u914d\u7f6e https"},"content":{"rendered":"<p>\u7f51\u7ad9 SSL\/TLS \u4f30\u8bc4: <a href=\"https:\/\/myssl.com\/\">https:\/\/myssl.com\/<\/a><br \/>\n\u514d\u8d39 SSL \u8bc1\u4e66\u7533\u8bf7\uff1a<a href=\"https:\/\/freessl.cn\/\">https:\/\/freessl.cn\/<\/a><br \/>\n<img decoding=\"async\" data-src=\"https:\/\/blog.iyatt.com\/wp-content\/uploads\/2022\/09\/image-1664201408562.png\" alt=\"file\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 848px; --smush-placeholder-aspect-ratio: 848\/583;\" \/><br \/>\n<img decoding=\"async\" data-src=\"https:\/\/blog.iyatt.com\/wp-content\/uploads\/2022\/09\/image-1664237959257.png\" alt=\"file\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 511px; --smush-placeholder-aspect-ratio: 511\/603;\" \/><br \/>\n<img decoding=\"async\" data-src=\"https:\/\/blog.iyatt.com\/wp-content\/uploads\/2022\/09\/image-1664237974186.png\" alt=\"file\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 446px; --smush-placeholder-aspect-ratio: 446\/321;\" \/><br \/>\n<img decoding=\"async\" data-src=\"https:\/\/blog.iyatt.com\/wp-content\/uploads\/2022\/09\/image-1664237985108.png\" alt=\"file\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 655px; --smush-placeholder-aspect-ratio: 655\/751;\" \/><br \/>\n<img decoding=\"async\" data-src=\"https:\/\/blog.iyatt.com\/wp-content\/uploads\/2022\/09\/image-1664237999732.png\" alt=\"file\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 670px; --smush-placeholder-aspect-ratio: 670\/818;\" \/><\/p>\n<p>\u6211\u4f7f\u7528\u7684\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u662f Ubuntu 20.04,\u7f51\u7ad9\u670d\u52a1\u5668\u8f6f\u4ef6\u4f7f\u7528\u7684 nginx\u3002<br \/>\n\u5173\u4e8e nginx \u76d1\u542c\u7aef\u53e3\uff0chttps \u76f8\u5173\u7684\u914d\u7f6e\u90fd\u5728 <strong>\/etc\/nginx\/sites-available\/default<\/strong> \u8fdb\u884c\uff08\u4ee5 root \u6743\u9650\u7f16\u8f91\uff09<br \/>\n\u5982\uff1a<\/p>\n<pre><code class=\"language-nginx\"># \u76d1\u542c iyatt.com \u7684 80 \u7aef\u53e3\uff0c\u5373 http:\/\/iyatt.com\nserver {\n        listen 80;\n        server_name iyatt.com;\n\n        root \/var\/www\/html;  # http:\/\/iyatt.com \u7684\u8bbf\u95ee\u76ee\u5f55\n\n        index index.html index.htm index.nginx-debian.html;\n\n        location \/ {\n                return 301 https:\/\/iyatt.com$request_uri; # http \u91cd\u5b9a\u5411\u5230 https\uff08301 \u6c38\u4e45\u8df3\u8f6c\uff09\n        }\n}\n\n# \u76d1\u542c iyatt.com \u7684 443 \u7aef\u53e3\uff0c\u5373 https:\/\/iyatt.com\nserver {\n        listen 443 ssl http2;\n        server_name iyatt.com;\n\n        # SSL \u8bc1\u4e66\u6587\u4ef6\u8def\u5f84\n        ssl_certificate \/etc\/nginx\/cert\/full_chain.pem;\n        ssl_certificate_key \/etc\/nginx\/cert\/private.key;\n\n        ssl_session_timeout 1d; # \u5ba2\u6237\u7aef\u53ef\u4ee5\u91cd\u7528 session \u53c2\u6570\u7684\u65f6\u95f4\uff08\u8d85\u65f6\u540e\u4e0d\u53ef\u7528\uff09\n        ssl_session_cache shared:MozSSL:10m; # SSL session \u7f13\u5b58\uff0c\u6bcf\u6d88\u8017 1M \u5185\u5b58\u53ef\u4ee5\u7f13\u5b58 4000 \u4e2a\uff0c\u8fd9\u91cc 10M \u53ef\u4ee5\u7f13\u5b58 40000 \u4e2a\n        ssl_session_tickets off;\n\n        # \u52a0\u5bc6\u5957\u4ef6\n        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;\n        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA;\n        ssl_prefer_server_ciphers on;\n\n        # HTSL\n        add_header Strict-Transport-Security &quot;max-age=63072000&quot;;\n\n        # \u7981\u6b62\u672c\u7ad9\u653e\u5165 iFrame \u5185\n        add_header X-Frame-Options &quot;DENY&quot;;\n\n        root \/var\/www\/html;\n }\n<\/code><\/pre>\n<p>\u4e0a\u9762\u7684\u4ec5\u4f5c\u53c2\u8003\uff0c\u5176\u4e2d\u90e8\u5206\u5185\u5bb9\u662f\u901a\u8fc7 <a href=\"https:\/\/ssl-config.mozilla.org\/\">https:\/\/ssl-config.mozilla.org\/<\/a> \u751f\u6210\u7684\uff0c\u5982\u679c\u4f7f\u7528\u7684\u5176\u5b83\u670d\u52a1\u5668\u8f6f\u4ef6\uff0c\u6216\u8005\u4e0d\u540c\u7248\u672c\uff0c\u9700\u8981\u4e0d\u540c\u7684\u517c\u5bb9\u6027\uff0c\u53ef\u4ee5\u81ea\u5df1\u524d\u5f80\u751f\u6210\u3002<br \/>\n\u4f7f\u7528\u6700\u65b0\u7684\u52a0\u5bc6\u65b9\u5f0f\uff0c\u5b89\u5168\u6027\u4f1a\u66f4\u9ad8\uff0c\u4f46\u662f\u5bf9\u4e8e\u65e7\u7248\u7cfb\u7edf\u3001\u6d4f\u89c8\u5668\u7684\u652f\u6301\u6027\u5c31\u4f1a\u53d8\u4f4e\uff08\u517c\u5bb9\u6027\u53d8\u5dee\uff09\uff0c\u7ed3\u5408\u81ea\u5df1\u7684\u9700\u8981\u8fdb\u884c\u914d\u7f6e\u5373\u53ef\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u7f51\u7ad9 SSL\/TLS \u4f30\u8bc4: https:\/\/myssl.com\/ \u514d\u8d39 SSL \u8bc1\u4e66\u7533\u8bf7\uff1ahttps:\/\/f [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"zakra_page_container_layout":"customizer","zakra_page_sidebar_layout":"customizer","zakra_remove_content_margin":false,"zakra_sidebar":"customizer","zakra_transparent_header":"customizer","zakra_logo":0,"zakra_main_header_style":"default","zakra_menu_item_color":"","zakra_menu_item_hover_color":"","zakra_menu_item_active_color":"","zakra_menu_active_style":"","zakra_page_header":true,"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[1,596],"tags":[],"class_list":["post-7556","post","type-post","status-publish","format-standard","hentry","category-all","category-nginx"],"modified_by":"IYATT-yx","_links":{"self":[{"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=\/wp\/v2\/posts\/7556","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7556"}],"version-history":[{"count":0,"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=\/wp\/v2\/posts\/7556\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7556"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7556"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.iyatt.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7556"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}