HTTPS

http, https

[TODO]HTTPS

原理

部署

https://mozilla.github.io/server-side-tls/ssl-config-generator/
https://cipherli.st/
https://weakdh.org/sysadmin.html

Nginx配置

1
2
3
4
5
6
7
8
9
10
server {
    listen 443 ssl;
    server_name YOUR_DOMAINNAME_HERE;

    ssl_certificate        /etc/ssl/kekek.cc/chained.pem;   // 公钥
    ssl_certificate_key    /etc/ssl/kekek.cc/domain.key;	// 私钥		
    ssl_session_timeout    1d;
    ssl_session_cache      shared:SSL:50m;
    ssl_session_tickets    off;
}

Node.js配置

1
2
3
4
5
6
7
8
9
10
11
12
13
var server = http.createServer(app);
var httpsServer = https.createServer({
    key: fs.readFileSync('/etc/ssl/kekek.cc/domain.key'),
    cert: fs.readFileSync('/etc/ssl/kekek.cc/chained.pem')
}, app);

server.listen(80);
server.on('error', onError);
server.on('listening', onListening);

httpsServer.listen(443);
httpsServer.on('error', onError);
httpsServer.on('listening', onListening);

参考

本站采用「署名 4.0 国际」进行许可。