Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to convert the HTTP website into a HTTPS website for free. The content of the article is of high quality, so the editor will share it with you for reference. I hope you will have a certain understanding of the relevant knowledge after reading this article.

About the difference between HTTPS and HTTP, as well as the advantages of HTTPS, the relationship between HTTPS and SSL, as a "layman", how to build your own HTTPS server step by step.

1. Apply for SSL certificate

SSL certificate is an encryption protocol. Most enterprise-level SSL certificates are free and are not cheap for individual developers (tuhao at will). Some of the SSL certificates for personal use are free, such as Let's Encrypt, Aliyun, Tencent Cloud, Zaipaiyun, and so on. There are APIs for applying for free certificates.

Here, take Aliyun as an example. The free application process is as follows:

(1) sign up for Aliyun account

(2) Open "Management console"-- "Security (Cloud Shield)"-- "CA Certificate Service"

(3) Open the "purchase Certificate" in the upper right corner:

(4) Select "Free DV SSL" and click Buy now. After the purchase is successful, jump to the my Certificate page:

(5) if the status is "to be completed", click "complete" button on the right to complete the domain name information:

(6) Click "next" according to the process, fill in personal information, upload relevant information, etc. * Jump back to the my Certificate page:

(7) the status at this time has become "pending review". Click the "Progress" button on the right to enter the details page:

(8) Domain name authorization verification needs to be configured here. For more information, please see: how to configure domain name authorization verification? After the configuration is completed, click "configuration check". If the configuration is successful, then:

Just wait patiently for the audit result at this time. It usually takes 3 to 5 working days.

2. Configure a basic Nginx server

Here we use Python's Flask framework to build the simplest website, and the page returns directly to Hello World.

It is recommended that you use docker for website deployment. It is recommended to have your own Docker image, which integrates various libraries needed for Python website development and crawlers, as well as related services such as uWSGI and Nginx installed. The address is: https://hub.docker.com/r/xianhu/centos/

After downloading the image, create a new container and open ports 80 and 443:

PS: open 80 here to test HTTP, and open 443 to test HTTPS.

Docker run-it-- name test-p 80:80-p 443 xxx/image:v10

After entering the image, create a new FlaskDemo directory and a new FlaskDemo.py file. The file code is as follows:

From flask import Flask app = Flask (_ _ name__) @ app.route ('/') def hello_world (): return 'Hello Worldwide' If _ _ name__ = ='_ _ main__': app.run ()

Then use uWSGI to start Flask programs, about uWSGI knowledge I believe programmers who have done Flask should know.

Uwsgi-s / tmp/uwsgi.sock-w FlaskDemo:app-- chdir / root/FlaskDemo/-- chmod-socket=666

Modify the Nginx configuration file at / etc/nginx/conf.d/default.conf:

Server {listen 80; server_name xxx.com; charset utf-8; location / {include uwsgi_params; uwsgi_pass unix:/tmp/uwsgi.sock;} server {listen 80 default; server_name ""; return 500;} server {listen 80 default; server_name ""; return 500;}

The configuration is simple. Restart nginx-s reload after modification to make the configuration file effective. When you visit the domain name and address, you can see the following effect, and the configuration of the HTTP website is complete. Note: the domain name needs to be put on record, otherwise it is not allowed to go online in China.

Access is made through HTTP at this time. Next we need to change to HTTPS access.

3. Configure the SSL certificate in Nginx

After two or three days of waiting, the SSL certificate application was finally successful, that is, in the "CA Certificate Service" in Aliyun's "Security (Cloud Shield)" product, the "certificate status" changed to "issued":

Download the certificate to the server, and you can get two files: xxxx.pem and xxxx.key

Under the installation directory of Nginx, create a new folder cert, and copy the above two files to this folder:

Modify the Nginx configuration file / etc/nginx/conf.d/default.conf at this time:

Server {listen 443; server_name xxx.com; charset utf-8; # access_log / var/log/nginx/host.access.log main; ssl on; ssl_certificate cert/xxxx.pem; ssl_certificate_key cert/xxxx.key; ssl_session_timeout 5m; ssl_ciphers. Ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / {include uwsgi_params; uwsgi_pass unix:/tmp/uwsgi.sock;}}

After saving the configuration file, restart Nginx:nginx-s reload.

If you visit the website at this time, you will get:

That is, HTTPS is configured successfully!

On how to convert the HTTP website into a HTTPS website for free to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.