Shulou(Shulou.com)06/01 Report--

In this article, the editor introduces in detail "how Nginx deploys https encryption authentication", the content is detailed, the steps are clear, and the details are handled properly. I hope that this article "how Nginx deploys https encryption authentication" can help you solve your doubts.

You can apply for the certificate required by https on StartSSL. In the principle part, please build the website into a server module of https,nginx and configure port 443 listening, and complete the certificate and private key information. The server module of nginx is configured with port 80 to force you to jump to https.

The basic principle of HTTPS

Public key private key ssh-keygen-t rsa-C "new email" certificate, public key plus CA authentication

CA is the authority that issues trusted certificates

TLS1.2 is currently the highest version, and bug has not been found yet. Do not choose that SSL,TLS is a subsequent version of SSL and is more secure than SSL. OpenSSL supports TLS.

About a series of RSA encryption and decryption, including symmetric encryption and decryption, SHA digest signature, etc., pay attention to understand its principle. Among them, SHA1 has been cracked by Professor Wang Xiaoyun of Shandong University and changed to SHA2.

302 browser jump requires a new tcp handshake

For the certificate sent by the server, the browser needs to go to its CA to verify whether it is trusted.

The certificate private key is mainly used to negotiate the symmetric encryption key.

Apply for a certificate

StartSSL is a free certificate provider certified worldwide. Specific registration and the use of reference to its official website, this blog article explained in more detail.

Nginx configuration supports # redirect to httpsserver {listen 80; server_name blog.huachao.me; return 301 https://$server_name$request_uri;}

Proxy & ssl

Server {listen 443 ssl; server_name blog.huachao.me; ssl on; ssl_certificate / path/to/cert_file; ssl_certificate_key / path/to/private_key; location / {proxy_pass http://localhost:port; }} here, the article "how Nginx deploys https encryption authentication" has been introduced. If you want to master the knowledge points of this article, you still need to practice and use it yourself. If you want to learn more about related articles, welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.