极客观点
项目管理
HarmonyOS
证书生成按照这个方法 自签证书生成
nginx配置
server {
listen 8443;
server_name mydomain.com;
#ssi on;
#ssi_silent_errors on;
#ssi_types text/shtml;
ssl on;
ssl_certificate /home/simplesslife/ssl/certs/server.cer; #/home/simplesslife/ssl/demoCA/test.com.crt;
ssl_certificate_key /home/simplesslife/ssl/private/server.key; #/home/simplesslife/ssl/demoCA/test.com.key;
ssl_client_certificate /home/simplesslife/ssl/certs/ca.cer; #/home/simplesslife/ssl/demoCA/ca.crt;
ssl_session_timeout 5m;
ssl_verify_client on;
ssl_protocols SSLv2 SSLv3 TLSv1;
#ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES257-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:E
CDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:!ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-R
SA-AES256-SHA:!RC4-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!CBC:!EDH:!kEDH:!PSK:!SRP:!kECDH;
#ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL';
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}curl命令
curl -E certs/client.cer --key private/client.key --cacert certs/ca.cer https://www.mydomain.com:8443 -k报错
<html>
<head><title>400 The SSL certificate error</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The SSL certificate error</center>
<hr><center>nginx/1.8.0</center>
</body>
</html>帮忙看看到底是哪里出错了?
能帮我看下我的https为啥提示不安全啊?https://www.itxm.net