{"id":161345,"date":"2020-09-09T23:02:30","date_gmt":"2020-09-09T15:02:30","guid":{"rendered":"http:\/\/4563.org\/?p=161345"},"modified":"2020-09-09T23:02:30","modified_gmt":"2020-09-09T15:02:30","slug":"%e5%85%b3%e4%ba%8e-https-%e8%b4%9f%e8%bd%bd%e5%9d%87%e8%a1%a1%e9%97%ae%e9%a2%98","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=161345","title":{"rendered":"\u5173\u4e8e HTTPS \u8d1f\u8f7d\u5747\u8861\u95ee\u9898"},"content":{"rendered":"<div>\n<div>\n<div>\n<h1>                  \u5173\u4e8e HTTPS \u8d1f\u8f7d\u5747\u8861\u95ee\u9898               <\/h1>\n<p> <\/p>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : imherer <\/span>  <span><i><\/i> 6<\/span> <\/div>\n<div> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div isfirst=\"1\"> <\/p>\n<p>\u4ee5\u524d\u505a HTTPS \u90fd\u662f\u5728\u8d1f\u8f7d\u5747\u8861\u8fd9\u4e00\u5c42\u505a\u7684<\/p>\n<p>\u6700\u8fd1\u770b golang \u53d1\u73b0 gin \u6846\u67b6\u6709 HTTPS \u7684\u652f\u6301\uff0c\u5b98\u65b9\u4ee3\u7801\u5982\u4e0b\uff1a<\/p>\n<pre><code>package main  import (  \"log\"   \"github.com\/gin-gonic\/autotls\"  \"github.com\/gin-gonic\/gin\" )  func main() {  r := gin.Default()   \/\/ Ping handler  r.GET(\"\/ping\", func(c *gin.Context) {   c.String(200, \"pong\")  })   log.Fatal(autotls.Run(r, \"example1.com\", \"example2.com\")) } <\/code><\/pre>\n<p>\u90a3\u4e48\u95ee\u9898\u6765\u4e86\uff0c\u5982\u679c\u5e94\u7528\u672c\u8eab\u8d77\u6765\u5c31\u662f\u4e00\u4e2a HTTPS\uff0c\u50cf\u4e0a\u9762\u8fd9\u6837\uff0c\u90a3\u6211\u8d1f\u8f7d\u5747\u8861\u90a3\u4e00\u5c42\u5e94\u8be5\u600e\u4e48\u505a\uff1f<\/p>\n<\/p><\/div>\n<div> <b>\u5927\u4f6c\u6709\u8a71\u8aaa<\/b> (<span>9<\/span>)        <\/div>\n<div> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<ul>\n<li data-pid=\"3483708\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : Judoon <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             \u6ca1\u4ec0\u4e48\u5dee\u522b\u554a\uff0c<br \/>\u8d1f\u8f7d\u5747\u8861\u5411 upstream server \u8f6c\u53d1\u7684\u534f\u8bae\u4ece http \u6362\u6210 https \u800c\u5df2<br \/>\u987a\u5e26\u5982\u679c upstream server \u7684\u8bc1\u4e66\u662f\u81ea\u7b7e\u7684\u5c31\u52a0\u4e0a\u4e0d\u9a8c\u8bc1\u8bc1\u4e66\u7684\u9009\u9879                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"3483709\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : chendy <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             \u90a3\u4e48\u95ee\u9898\u6765\u4e86\uff0c\u5df2\u7ecf\u6709\u4e00\u5c42\u53cd\u4ee3\u505a https \u4e86\uff0c\u5e94\u7528\u4e3a\u5565\u8fd8\u9700\u8981 https                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"3483710\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : darrh00 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             \u5982\u679c\u7b2c\u4e00\u5c42\u5230 upstream \u7684\u94fe\u8def\u662f\u4e0d\u5b89\u5168\u7684\uff0c\u5c31\u5e94\u8be5\u7528 https                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"3483711\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : imherer <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @chendy \u53ef\u80fd\u662f\u6211\u6ca1\u8868\u8ff0\u6e05\u695a\u3002<br \/>\u6211\u7684\u610f\u601d\u662f\u5e94\u7528\u5c42\u5df2\u7ecf\u662f HTTPS \u4e86\uff0c\u800c\u4e14\u770b\u5b83\u8fd9\u4e2a demo \u662f\u76f4\u63a5\u7ed1\u5b9a\u4e86\u57df\u540d\u4e86<br \/>\u8d1f\u8f7d\u5747\u8861\u600e\u4e48\u505a\u5462\uff1f \u56e0\u4e3a\u57df\u540d\u5df2\u7ecf\u7ed1\u5728\u5e94\u7528\u8fd9\u4e00\u5c42\u4e86                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"3483712\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : imherer <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @Judoon <br \/>@darrh00 <br \/>\u8c22\u8c22 \u6211\u518d\u7814\u7a76\u7814\u7a76                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"3483713\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : suconghou <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             \u8fd9\u6837\u8d1f\u8f7d\u5747\u8861\u53ef\u4ee5\u7528 nginx sni proxy \u6765\u505a,\u4f46\u4e00\u822c\u7684\u505a\u6cd5\u90fd\u662f\u6d41\u91cf\u5230\u8fbe\u96c6\u7fa4\u540e\u89e3\u5bc6,\u800c\u4e0d\u662f\u4ea4\u7ed9\u5e94\u7528\u5c42\u89e3\u5bc6;\u5728\u96c6\u7fa4\u89e3\u5bc6\u6293\u5305 debug,\u8def\u5f84\u5206\u6d41,\u670d\u52a1\u62c6\u5206\u90fd\u66f4\u65b9\u4fbf\u4e9b                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"3483714\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : goodryb <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @imherer #4 \u8d1f\u8f7d\u5747\u8861\u53ef\u4ee5\u505a 4 \u5c42 tcp \u7684\u554a\uff0c \u53ea\u662f\u7eaf\u6d41\u91cf\u8f6c\u53d1\uff0chttps \u5e94\u7528\u4fa7\u6765\u5904\u7406\u5c31\u597d\u4e86                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"3483715\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : xuanbg <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             \u8d1f\u8f7d\u5747\u8861\u4e0d\u662f\u4e00\u822c\u90fd\u7528 Nginx \u7684 upstream \u5417\uff1f                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"3483716\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : Judoon <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>          <\/span> <\/div>\n<\/p><\/div>\n<div>                                                             @imherer #4 <br \/>&#8220;\u6211\u7684\u610f\u601d\u662f\u5e94\u7528\u5c42\u5df2\u7ecf\u662f HTTPS \u4e86\uff0c\u800c\u4e14\u770b\u5b83\u8fd9\u4e2a demo \u662f\u76f4\u63a5\u7ed1\u5b9a\u4e86\u57df\u540d\u4e86<br \/>\u8d1f\u8f7d\u5747\u8861\u600e\u4e48\u505a\u5462\uff1f \u56e0\u4e3a\u57df\u540d\u5df2\u7ecf\u7ed1\u5728\u5e94\u7528\u8fd9\u4e00\u5c42\u4e86&#8221;<\/p>\n<p>\u6211\u7c97\u770b\u4e86 go-ginic \u7684 autotls\uff0c\u597d\u50cf\u7528\u7684\u662f acme \u6765\u81ea\u52a8\u7533\u8bf7\u8bc1\u4e66\u3002\u4ed6\u8fd9\u4e2a demo \u4f20\u57df\u540d\u662f\u4e3a\u4e86\u7533\u8bf7\u8bc1\u4e66\uff0c\u800c\u5982\u679c\u4f60\u5728\u5e94\u7528\u542f\u52a8\u524d\u53c8\u6ca1\u6709\u8bc1\u4e66\uff0c\u90a3\u524d\u9762\u7684\u8d1f\u8f7d\u5747\u8861\u5c31\u505a\u4e0d\u4e86 7 \u5c42\u7684\uff0c\u4f1a\u9677\u5165\u5148\u6709\u9e21\u5148\u6709\u86cb\u7684\u95ee\u9898\u3002\u4f60\u53ef\u4ee5\u505a 4 \u5c42\u7684\u8d1f\u8f7d\u5747\u8861\u3002<\/p>\n<p>\u5982\u679c\u4f60\u5df2\u7ecf\u6709\u4e86\u8bc1\u4e66\uff0c\u57df\u540d\u7684 ip \u662f\u6307\u5411\u5230\u524d\u7f6e\u7684\u8d1f\u8f7d\u5747\u8861\u7684\uff0c\u8d1f\u8f7d\u5747\u8861\u518d\u5411\u540e\u7aef\u8f6c\u53d1\u65f6\u5c31\u5fc5\u987b\u914d\u7f6e ip \u7aef\u53e3\uff0c\u5916\u52a0 sni \u57df\u540d<br \/>#6 \u8bf4\u7684 nginx sni proxy \u5927\u6982\u5c31\u662f\u5982\u4e0b<\/p>\n<p> proxy_pass https:\/\/1.2.3.4;<br \/> proxy_read_timeout 60;<br \/> proxy_ssl_name $host;<br \/> proxy_ssl_server_name on;<br \/> proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;<br \/> proxy_ssl_session_reuse off;                                                            <\/div>\n<\/p><\/div>\n<\/li>\n<li>\n","protected":false},"excerpt":{"rendered":"<p>\u5173\u4e8e HTTPS \u8d1f\u8f7d\u5747\u8861\u95ee\u9898 \u8cc7&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/161345"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=161345"}],"version-history":[{"count":0,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/161345\/revisions"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=161345"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=161345"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=161345"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}