{"id":645,"date":"2021-03-05T01:22:00","date_gmt":"2021-03-04T17:22:00","guid":{"rendered":"https:\/\/wp.winter-weng.cc\/work\/?p=645"},"modified":"2021-03-07T03:19:05","modified_gmt":"2021-03-06T19:19:05","slug":"%e4%b8%bb%e6%a9%9f%e7%92%b0%e5%a2%83%e6%9b%b4%e6%96%b0%e5%af%a6%e9%8c%84-4-ssl-%e7%af%87","status":"publish","type":"post","link":"https:\/\/wp.winter-weng.cc\/work\/?p=645","title":{"rendered":"\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304 (4) \u2013 SSL \u7bc7"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_75 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"\u986f\u793a\/\u96b1\u85cf\u5167\u5bb9\u76ee\u9304\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=645\/#nginx\" >nginx<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=645\/#apache\" >apache<\/a><ul class='ez-toc-list-level-5' ><li class='ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=645\/#000-defaultconf\" >000-default.conf<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=645\/#default-sslconf\" >default-ssl.conf<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=645\/#%E5%8F%83%E8%80%83%E8%B3%87%E6%96%99%EF%BC%9A\" >\u53c3\u8003\u8cc7\u6599\uff1a<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=645\/#%E4%B8%BB%E6%A9%9F%E7%92%B0%E5%A2%83%E6%9B%B4%E6%96%B0%E5%AF%A6%E9%8C%84%EF%BC%9A\" >\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304\uff1a<\/a><\/li><\/ul><\/nav><\/div>\n\n<p>Https \u7684\u8a2d\u5b9a\u5176\u5be6\u4e5f\u4e0d\u662f\u8aaa\u975e\u5e38\u5fc5\u8981\uff0c\u4f46\u6bcf\u6b21\u9032\u81ea\u5df1\u7db2\u7ad9\u5c31\u770b\u5230\u4e00\u500b\u7d05\u8272\u7684\u4e0d\u5b89\u5168\u639b\u5728\u90a3\u908a\uff0c\u770b\u8457\u770b\u8457\u6e3e\u8eab\u5c31\u4e0d\u8212\u9069\u4e86\u8d77\u4f86\uff0c\u6240\u4ee5\u5c31\u4f86\u7814\u7a76\u770b\u770b\u8981\u600e\u9ebc\u639b\u4e0a\u6191\u8b49\u3002<\/p>\n\n\n\n<p>\u9996\u5148\u5148\u5230 <a rel=\"noreferrer noopener\" href=\"https:\/\/www.sslforfree.com\/\" data-type=\"URL\" data-id=\"https:\/\/www.sslforfree.com\/\" target=\"_blank\">SSL for Free<\/a> \u7533\u8acb\u6191\u8b49\uff0c\u57fa\u672c\u4e0a\u7167\u8457\u6b65\u9a5f\u505a\u3001\u9a57\u8b49\u4fe1\u7bb1\u5c31\u53ef\u4ee5\u3002\u514d\u8cbb\u7248\u6700\u591a\u53ef\u4ee5\u7533\u8acb\u4e09\u500b\u7db2\u57df\uff0c\u5982\u679c\u8981 wildcard \uff08\u5305\u542b\u6240\u6709\u5b50\u7db2\u57df\uff09\u7684\u8a71\u5c31\u5f97\u8981\u4ed8\u8cbb\u4e86\u3002\u53e6\u5916\u514d\u8cbb\u7248\u5fc5\u9808\u8981\u4e09\u500b\u6708\u66f4\u65b0\u4e00\u6b21\u6191\u8b49\u3002<\/p>\n\n\n\n<p>\u7533\u8acb\u6210\u529f\u4e4b\u5f8c\u6703\u53d6\u5f97\u91d1\u9470\u7684\u6a94\u6848\uff0c\u7b2c\u4e00\u4ef6\u4e8b\u60c5\u7576\u7136\u5c31\u662f\u8981\u653e\u5230\u4e3b\u6a5f\u88e1\u9762\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">scp -r ~\/sample user@ip:\/tmp<\/pre>\n\n\n\n<p>\u5982\u679c\u662f nginx\uff0c\u9700\u8981\u57f7\u884c\u4ee5\u4e0b\u6307\u4ee4\u5c07\u6191\u8b49\u5408\u4f75\u5728\u4e00\u8d77\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">cat certificate.crt ca_bundle.crt > certificate.merge.crt<\/pre>\n\n\n\n<p>\u8a18\u5f97\u8981\u5c07\u6191\u8b49\u6a94\u6848\u653e\u5230 docker \u6620\u5c04\u7684\u8cc7\u6599\u593e\u88e1\u9762\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"nginx\"><\/span>nginx<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u63a5\u8457\u4fee\u6539 nginx \u7684\u8a2d\u5b9a\u6a94\uff0c\u5982\u679c\u9032\u5230 http (80 port)\uff0c\u6703\u91cd\u5c0e\u5411\u5230 443\uff0c\u4e26\u4e14\u52a0\u5165 SSL \u7684\u8a2d\u5b9a\uff0c\u656c\u8acb\u6ce8\u610f domain-b nginx \u4e5f\u4e00\u6a23\u8981\u52a0\u4e0a\u6191\u8b49\u7684\u8a2d\u5b9a\uff0c\u5426\u5247\u6703\u6709\u4e0d\u5b89\u5168\u9023\u7dda\u6216\u662f\u6191\u8b49\u932f\u8aa4\u7684\u63d0\u793a\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">server {  \n  listen      443 ssl;  \n  server_name domain.tw;  \n  root   \/usr\/share\/nginx\/html;\n\n  ssl on;\n  ssl_certificate \/etc\/nginx\/ssl\/certificate.merge.crt;\n  ssl_certificate_key \/etc\/nginx\/ssl\/private.key;\n\n  \/\/ \u4e0b\u7565\u5404\u7a2e\u8a2d\u5b9a\n}\nserver {\n   listen       80;\n   server_name  domain.tw;\n   return 301 https:\/\/$server_name$request_uri;\n}\n\n#domain-B\nserver {\n   listen       443 ssl;\n   server_name  domain-b.domain.tw;\n   \n   ssl on;\n   ssl_certificate \/etc\/nginx\/ssl\/certificate.merge.crt;\n   ssl_certificate_key \/etc\/nginx\/ssl\/private.key;\n\n   location \/ {\n       proxy_set_header Host $host;\n       proxy_set_header X-Real-IP $remote_addr;\n       proxy_pass https:\/\/{hostIP}:8001;\n   }\n}\nserver {\n   listen       80;\n   server_name  domain-b.domain.tw;\n   return 301 https:\/\/$server_name$request_uri;\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"apache\"><\/span>apache<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u7531\u65bc wordpress \u7684\u90e8\u5206\u662f\u4f7f\u7528 apache\uff0c\u5728 apache \u7684\u8a2d\u5b9a\u6a94\u4e2d\u52a0\u4e0a SSL \u7684\u65b9\u5f0f\u5982\u4e0b\uff1a<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"000-defaultconf\"><\/span>000-default.conf<span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">&lt;VirtualHost *:80>\n  ServerName domain-c.domain.tw\n  ServerAdmin admin@localhost\n  DocumentRoot \/var\/www\/html\n  ErrorLog ${APACHE_LOG_DIR}\/error.log\n  CustomLog ${APACHE_LOG_DIR}\/access.log combined\n&lt;\/VirtualHost>\n\n&lt;IfModule mod_ssl.c>\n  &lt;VirtualHost *:443>\n    SSLEngine on\n    SSLCertificateFile       \/etc\/ssl\/certificate.crt\n    SSLCertificateKeyFile    \/etc\/ssl\/private\/private.key\n    SSLCertificateChainFile  \/etc\/ssl\/ca_bundle.crt\n\n    ServerName domain-c.domain.tw\n    ServerAdmin admin@localhost\n    DocumentRoot \/var\/www\/html\n    ErrorLog ${APACHE_LOG_DIR}\/error.log\n    CustomLog ${APACHE_LOG_DIR}\/access.log combined\n  &lt;\/VirtualHost>\n&lt;\/IfModule><\/pre>\n\n\n\n<h5 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"default-sslconf\"><\/span>default-ssl.conf<span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">&lt;VirtualHost *:443>\n  DocumentRoot \/var\/www\/html\n  ErrorLog ${APACHE_LOG_DIR}\/error.log\n  CustomLog ${APACHE_LOG_DIR}\/access.log combined\n\n  SSLEngine on\n  ServerName domain-c.domain.tw\n  SSLCertificateFile       \/etc\/ssl\/certificate.crt\n  SSLCertificateKeyFile    \/etc\/ssl\/private\/private.key\n  SSLCertificateChainFile  \/etc\/ssl\/ca_bundle.crt\n\n  &lt;FilesMatch \"\\.(cgi|shtml|phtml|php)$\">\n          SSLOptions +StdEnvVars\n  &lt;\/FilesMatch>\n  &lt;Directory \/usr\/lib\/cgi-bin>\n          SSLOptions +StdEnvVars\n  &lt;\/Directory>\n&lt;\/VirtualHost><\/pre>\n\n\n\n<p>\u6700\u91cd\u8981\u7684\u4e00\u6b65\uff0c\u9032\u5165 container\uff0c\u4e26\u57f7\u884c\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">a2enmod ssl<\/pre>\n\n\n\n<p>\u5b8c\u6210\u4e4b\u5f8c\u91cd\u65b0\u555f\u52d5\u6a5f\u5668\u5373\u53ef\u5957\u7528\u8a2d\u5b9a\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%8F%83%E8%80%83%E8%B3%87%E6%96%99%EF%BC%9A\"><\/span>\u53c3\u8003\u8cc7\u6599\uff1a<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>SSL For Free \u514d\u8cbb SSL \u6191\u8b49\u7533\u8acb\uff0c\u4f7f\u7528 Let\u2019s Encrypt \u6700\u7c21\u55ae\u65b9\u6cd5\u6559\u5b78\uff01<br><a rel=\"noreferrer noopener\" href=\"https:\/\/free.com.tw\/ssl-for-free\/\" target=\"_blank\">https:\/\/free.com.tw\/ssl-for-free\/<\/a><\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E4%B8%BB%E6%A9%9F%E7%92%B0%E5%A2%83%E6%9B%B4%E6%96%B0%E5%AF%A6%E9%8C%84%EF%BC%9A\"><\/span>\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304\uff1a<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ol class=\"wp-block-list\" id=\"block-5d87fc04-e736-4000-b30c-1e9f94c82607\"><li><a rel=\"noreferrer noopener\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=627\" target=\"_blank\">\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304 (1) &#8211; \u524d\u60c5\u63d0\u8981\u7bc7<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=630\" target=\"_blank\">\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304 (2) \u2013 Docker \u7bc7<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=639\" target=\"_blank\">\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304 (3) \u2013 DNS \u53ca\u8f49\u5c0e\u7bc7<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=645\" target=\"_blank\">\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304 (4) \u2013 SSL \u7bc7<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=649\" target=\"_blank\">\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304 (5) \u2013 WP \u7bc7<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/wp.winter-weng.cc\/work\/?p=656\" target=\"_blank\">\u4e3b\u6a5f\u74b0\u5883\u66f4\u65b0\u5be6\u9304 (6) \u2013 \u5b8c\u7d50\u7bc7<\/a><\/li><\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Https \u7684\u8a2d\u5b9a\u5176\u5be6\u4e5f\u4e0d\u662f\u8aaa\u975e\u5e38\u5fc5\u8981\uff0c\u4f46\u6bcf\u6b21\u9032\u81ea&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"pgc_sgb_lightbox_settings":"","footnotes":""},"categories":[11],"tags":[],"class_list":["post-645","post","type-post","status-publish","format-standard","hentry","category-11"],"_links":{"self":[{"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=\/wp\/v2\/posts\/645","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=645"}],"version-history":[{"count":7,"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=\/wp\/v2\/posts\/645\/revisions"}],"predecessor-version":[{"id":680,"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=\/wp\/v2\/posts\/645\/revisions\/680"}],"wp:attachment":[{"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=645"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=645"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wp.winter-weng.cc\/work\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=645"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}