The difference between http and https is
Some websites, when http is opened, the page prompts that it is not safe. For example, if you click on the following website [actually the same website]
How can I get rid of this unsafe prompt? Upgrading from http to https
Look at the final effect:
If you currently have a website, how do you upgrade it? For https
Domain name: 511easy.com
Once you have a domain name, you can apply for a free SSL certificate, as shown in the screenshot below, based on the certificates of each web server. I use nginx
Then you need to configure the nginx.conf configuration, probably using the third one below, the first two are what I use to save.
Compared with http, https is more secure, but not necessarily. Use jmeter/charles/wireshark/fiddle, etc. to generate a certificate, and you can easily capture packets of https websites. Most websites and apps. I can capture packets
upstream tomcatserver1 {
server 127.0.0.1:8083;
}
upstream tomcatserver2 {
server 127.0.0.1:8085;
}
server {
listen 80;
server_name 511easy.com;
location / {
proxy_pass http://tomcatserver1;
index index.html index.htm;
}
}
server {
listen 80;
server_name 511easy.com;
location / {
proxy_pass http://tomcatserver2;
index index.html index.htm;
}
}worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name 88bugs;
location / {
proxy_pass http://localhost:8083;
}
}
server {
listen 80;
server_name jenkins;
location / {
proxy_pass http://localhost:8080;
}
}
}worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 443 ssl;
server_name www.511easy.com;
ssl on;
ssl_certificate 1_511easy.com_bundle.crt;
ssl_certificate_key 2_511easy.com.key;
ssl_session_timeout 5m;
location / {
proxy_pass http://localhost:8083;
}
}
}Consolidate the meaning of these abbreviations
http ---hyper text transfer protocol, hypertext transfer protocol, is a protocol built on tcp Stateless connection, the entire basic workflow is that the client sends an http request
https ---- hyper text transfer protocol over secure socket layer or hypertext transfer protocol secure
The full name is: Hypertext Secure Transfer Protocol, which can be simply understood as the http protocol that uses ssl encrypted transmission
The default port of http is 80, and the default port of https is 443
ssl is A security protocol that provides security and data integrity for network communications.
Why use https
In order to protect the security of information transmission and data integrity. It makes visitors feel that the website is trustworthy, and for the domestic network environment, it can also prevent broadband operators from forcing advertisements on the website.
If you want two ports on one server to execute different ports with different domain names, nginx can be configured like this
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 443 ssl;
server_name www.88bugs.com;
ssl_certificate 1_88bugs.com_bundle.crt;
ssl_certificate_key 2_88bugs.com.key;
ssl_session_timeout 5m;
location / {
proxy_pass http://localhost:8083;
}
}
server {
listen 443 ssl;
server_name www.511easy.com;
ssl_certificate 1_511easy.com_bundle.crt;
ssl_certificate_key 2_511easy.com.key;
ssl_session_timeout 5m;
location / {
proxy_pass http://localhost:8085;
}
}
}The above is the detailed content of How to upgrade Nginx from http to https. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
