SSL\u8bc1\u4e66\u662f\u4e00\u79cd\u7528\u4e8e\u4fdd\u62a4\u7f51\u7ad9\u548c\u7528\u6237\u6570\u636e\u5b89\u5168\u7684\u6570\u5b57\u8bc1\u4e66\uff0c\u5b83\u901a\u8fc7\u52a0\u5bc6\u901a\u8baf\u534f\u8bae\u6765\u786e\u4fdd\u6570\u636e\u5728\u4f20\u8f93\u8fc7\u7a0b\u4e2d\u4e0d\u88ab\u7a83\u53d6\u6216\u7be1\u6539\u3002\u56e0\u6b64\uff0cSSL\u8bc1\u4e66\u662f\u73b0\u4ee3\u7f51\u7edc\u5b89\u5168\u7684\u91cd\u8981\u7ec4\u6210\u90e8\u5206\u3002<\/p>\n
SSL\u8bc1\u4e66\u7684\u7533\u8bf7\u65b9\u5f0f\u4e3b\u8981\u6709\u4e09\u79cd\uff1a\u81ea\u7b7e\u540d\u8bc1\u4e66\u3001\u514d\u8d39\u8bc1\u4e66\u548c\u6536\u8d39\u8bc1\u4e66\u3002\u4e0b\u9762\u5c06\u5bf9\u8fd9\u4e09\u79cd\u8bc1\u4e66\u7684\u7533\u8bf7\u65b9\u5f0f\u8fdb\u884c\u8be6\u7ec6\u4ecb\u7ecd\u3002<\/p>\n
1. \u81ea\u7b7e\u540d\u8bc1\u4e66<\/p>\n
\u81ea\u7b7e\u540d\u8bc1\u4e66\u662f\u4e00\u79cd\u81ea\u5df1\u7b7e\u53d1\u7684\u8bc1\u4e66\uff0c\u4e0d\u9700\u8981\u4efb\u4f55\u7b2c\u4e09\u65b9\u673a\u6784\u7684\u8ba4\u8bc1\u3002\u5b83\u53ef\u4ee5\u5728\u672c\u5730\u670d\u52a1\u5668\u4e0a\u751f\u6210\uff0c\u53ea\u80fd\u7528\u4e8e\u6d4b\u8bd5\u6216\u5185\u90e8\u4f7f\u7528\uff0c\u4e0d\u80fd\u7528\u4e8e\u516c\u7f51\u4e0a\u7684\u7f51\u7ad9\u3002\u81ea\u7b7e\u540d\u8bc1\u4e66\u7684\u7533\u8bf7\u65b9\u6cd5\u6bd4\u8f83\u7b80\u5355\uff0c\u53ef\u4ee5\u901a\u8fc7openssl\u547d\u4ee4\u6216\u5176\u4ed6\u5de5\u5177\u6765\u751f\u6210\u3002<\/p>\n
\u4f7f\u7528openssl\u547d\u4ee4\u751f\u6210\u81ea\u7b7e\u540d\u8bc1\u4e66\u7684\u6b65\u9aa4\u5982\u4e0b\uff1a<\/p>\n
1) \u751f\u6210\u79c1\u94a5<\/p>\n
openssl genrsa -out server.key 2048<\/p>\n
2) \u751f\u6210\u8bc1\u4e66\u8bf7\u6c42<\/p>\n
openssl req -new -key server.key -out server.csr<\/p>\n
3) \u7b7e\u53d1\u8bc1\u4e66<\/p>\n
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt<\/p>\n
\u751f\u6210\u7684server.crt\u5c31\u662f\u81ea\u7b7e\u540d\u8bc1\u4e66\u3002<\/p>\n
2. \u514d\u8d39\u8bc1\u4e66<\/p>\n
\u514d\u8d39\u8bc1\u4e66\u662f\u7531\u4e00\u4e9b\u77e5\u540d\u7684\u7b2c\u4e09\u65b9\u673a\u6784\u9881\u53d1\u7684\u8bc1\u4e66\uff0c\u5982Let’s Encrypt\u3001StartSSL\u7b49\u3002\u8fd9\u4e9b\u673a\u6784\u63d0\u4f9b\u7684\u8bc1\u4e66\u53ef\u4ee5\u7528\u4e8e\u516c\u7f51\u4e0a\u7684\u7f51\u7ad9\uff0c\u53ef\u4ee5\u514d\u8d39\u7533\u8bf7\u548c\u66f4\u65b0\uff0c\u4f46\u9700\u8981\u7ecf\u8fc7\u4e00\u5b9a\u7684\u9a8c\u8bc1\u6d41\u7a0b\u3002\u514d\u8d39\u8bc1\u4e66\u7684\u7533\u8bf7\u65b9\u6cd5\u5982\u4e0b\uff1a<\/p>\n
1) \u9009\u62e9\u8bc1\u4e66\u673a\u6784<\/p>\n
\u9009\u62e9\u4e00\u4e2a\u53ef\u9760\u7684\u8bc1\u4e66\u673a\u6784\uff0c\u5982Let’s Encrypt\u3002<\/p>\n
2) \u7533\u8bf7\u8bc1\u4e66<\/p>\n
\u8bc1\u4e66\u673a\u6784\u4e00\u822c\u63d0\u4f9b\u5728\u7ebf\u7533\u8bf7\u5de5\u5177\uff0c\u9700\u8981\u586b\u5199\u4e00\u4e9b\u57fa\u672c\u4fe1\u606f\uff0c\u5982\u57df\u540d\u3001\u90ae\u7bb1\u7b49\u3002<\/p>\n
3) \u9a8c\u8bc1\u57df\u540d<\/p>\n
\u8bc1\u4e66\u673a\u6784\u4f1a\u5411\u7533\u8bf7\u8005\u7684\u90ae\u7bb1\u6216\u57df\u540dWHOIS\u4fe1\u606f\u4e2d\u7684\u8054\u7cfb\u4eba\u53d1\u9001\u9a8c\u8bc1\u90ae\u4ef6\uff0c<\/p>\n
\u9700\u8981\u70b9\u51fb\u94fe\u63a5\u6216\u56de\u590d\u90ae\u4ef6\u8fdb\u884c\u9a8c\u8bc1\u3002<\/p>\n 4) \u4e0b\u8f7d\u8bc1\u4e66<\/p>\n \u9a8c\u8bc1\u901a\u8fc7\u540e\uff0c\u8bc1\u4e66\u673a\u6784\u4f1a\u751f\u6210\u8bc1\u4e66\u6587\u4ef6\uff0c\u53ef\u4ee5\u4e0b\u8f7d\u5230\u672c\u5730\u670d\u52a1\u5668\u4e0a\u3002<\/p>\n 3. \u6536\u8d39\u8bc1\u4e66<\/p>\n![](\"https:\/\/i.yimenyun.net\/2023-03\/09\/14\/31013037835.jpg\")
<\/figure>\n<\/p>\n