Isizinda se-VestaCP 8083 port https asivumelekile?Faka Okokufundisa Kwesitifiketi Se-SSL

VestaCP Iphaneli yokulawula ilula futhi kulula ukuyisebenzisa: Faka i-VestaCP Control Panel, engafaka ngokuzenzakalelayo umsebenzi wokuphepha wesitifiketi se-Let's Encrypt SSL, ngakho samukelwe kahle amazwe angaphandle.SEOAbasebenzi bamukelekile.

Ukufakwa nokulungisa okokufundisa kwesiShayina okungenzeka kungatholakali kuwebhusayithi esemthethweni ye-VestaCP

Kuyini Asibhale Ngemfihlo?

I-Let Encrypt Igunya Lesitifiketi Se-SSL elethulwe ngo-Ephreli 2016, 4.

  • Ihlinzeka ngesitifiketi samahhala se-X.509 sokubethela kwe-Transport Layer Security (TLS) ngenqubo ezenzakalelayo,
  • Idizayinelwe ukuqeda ukudalwa kwamanje mathupha, ukuqinisekiswa, ukusayina, ukufakwa nokubuyekezwa kwezitifiketi zamawebhusayithi avikelekile.

Ikhasi lokungena lephaneli yokulawula ye-VestaCP, lisebenzisa i-port 8083.

Iyini i-port 8083?

  • I-8083 yikhasi lommeleli nembobo yefayela yokulanda, iyimbobo enengqondo.
  • Kubuchwepheshe benethiwekhi, izimbobo zihlanganisa izimbobo ezibonakalayo nezimbobo ezinengqondo.

Umehluko phakathi kwe-Physical Port kanye ne-Logical Port

  • Izimbobo ezibonakalayo zibhekisela ezimbobeni ezikhona ngempela, njengamamodemu e-ADSL, amahabhu, amaswishi, namarutha axhumeka kwamanye amadivayisi enethiwekhi njengezimbobo ze-RJ-45, izimbobo ze-SC, njll.
  • Imbobo enengqondo iyimbobo ehlukanisa izinsizakalo ngencazelo enengqondo, njengezimbobo zesevisi kuphrothokholi ye-TCP/IP.Ibanga lenombolo yechweba lingu-0 kuye ku-65535.

Kodwa-ke, okwamanje i-port 8083 yephaneli yokulawula ye-VestaCP iboniswa ngokuzenzakalelayo ngaphandle kwesitifiketi sokuphepha se-SSL...

Ngakho, kuFaka iphaneli ye-VestaCPEmuva,i-Google ChromeLo mlayezo uzovela:

  • Ukuxhumeka kwakho akulona uxhumo oluyimfihlo
  • Abahlaseli bangase bazame ukuntshontsha imininingwane yakho (isb. amaphasiwedi, ukuxhumana noma imininingwane yekhadi lesikweletu).

    Iphaneli yokungena ye-Vesta yenza i-https

    Isinyathelo sesi-1:Ngena ngemvume kuphaneli yokuphatha ye-VestaCP usebenzisa igama lomethuleli kanye ne-port 8083 ▼

    http:// 你的域名:8083/

    Isinyathelo sesi-2: Faka isevisi yeWEBHU ye-VestaCP ukuze uthole igama lomsingathi weseva yakho, bese uchofoza HLELA ▼

    Amasevisi ewebhu ephaneli ye-VestaCP - Chofoza u-Hlela

    Isinyathelo sesi-3:Thola futhi uhlole i-SSL futhi Ake Sibethele "Vumela i-SSL (SSL Support)" kanye "Sebenzisa Masibhale Ngemfihlo (Ake Sibethele Usekelo)" ▼

    Kuphaneli ye-VestaCP, thola futhi uhlole i-SSL kanye ne-Let's Encrypt.

    • Bese uchofoza u-Londoloza (umlawuli uchofoza Gcina bese ulinda cishe imizuzu emihlanu ukuze ubuke isicelo sesitifiketi se-SSL)

    Isinyathelo sesi-4:Thola indawo yokugcina yesitifiketi evikelekile ethi Masibethele Masibethele igcina isitifiketi sayo se-SSL kuyo /home/username/conf/web/ endaweni. Sicela ubhale izindawo zabo ▼

    /home/username/conf/web/ssl.website.crt
/home/username/conf/web/ssl.website.key

    Iphaneli yokulawula ye-VestaCP, gcina isitifiketi sayo se-SSL segama lomethuleli ku-▼

    /usr/local/vesta/ssl/certificate.crt
/usr/local/vesta/ssl/certificate.key

    Ngakho-ke, kudingeka siqale siqambe kabusha amafayela esitifiketi esidala se-VestaCP komunye umbhalo oyidumi ukuze i-VestaCP ingasakwazi ukuwasebenzisa, bese sixhumanisa lawa mafayela ngokomfanekiso. Sicela ulandele izinyathelo ezingezansi ukuze ufunde ukuthi ungakwenza kanjani lokhu.

    Isinyathelo sesi-5:SSH kuseva yakho bese ufaka le miyalo emi-2 ukuze uqambe kabusha ifayela elidala ▼

    mv /usr/local/vesta/ssl/certificate.crt /usr/local/vesta/ssl/unusablecer.crt
mv /usr/local/vesta/ssl/certificate.key /usr/local/vesta/ssl/unusablecer.key
    • Uma le misebenzi elandelayo ihluleka ukusebenza, okubangela ukuthi isixhumanisi se-SSL sihluleke, iwebhusayithi ayikwazi ukuvulwa, kanye nefayela le-SSL "unusablecer"igama, shintsha ubuyele egameni langaphambili"isitifiketi” ngaphandle kokuchitha isikhathi ngokufaka kabusha iphaneli ye-VestaCP.

    Isinyathelo sesi-6:Dala isixhumanisi esingokomfanekiso ukuze ukhombe isixhumanisi esisha esingokomfanekiso Sicela ufake igama lakho lomsebenzisi, njenge:admin intando chenweiliang.com Faka esikhundleni segama lomethuleli (FQDN) leseva yakho ye-VPS▼

    ln -s /home/admin/conf/web/ssl.chenweiliang.com.crt /usr/local/vesta/ssl/certificate.crt
ln -s /home/admin/conf/web/ssl.chenweiliang.com.key /usr/local/vesta/ssl/certificate.key

    Isinyathelo sesi-7:Qala kabusha i-VestaCP

    service vesta restart

    Isinyathelo sesi-8:Sula inqolobane yesiphequluli sakho bese uzama ukungena kuphaneli yokulawula ye-VestaCP futhi usebenzisa i-port 8083.

    • Manje i-SSL yakho ku-port 8083 ivikelekile!

    Isixazululo sezimvume eziphukile

    Ukuze ulungise izimvume eziphukile, faka umyalo olandelayo▼

    • intando your.adminpanel.com Faka esikhundleni se-URL yekhonsoli yakho yokuphatha ye-VestaCP.
    chgrp mail ssl.your.adminpanel.com.key
chmod 660 ssl.your.adminpanel.com.key
chgrp mail ssl.your.adminpanel.com.crt
chmod 660 ssl.your.adminpanel.com.crt

    Okungenhla kuyindlela yokunika amandla isitifiketi se-SSL ngemuva kwe-VestaCP.

    Ungaphoqelela kanjani igama lesizinda ukusebenzisa isitifiketi se-https SSL?

    isinyathelo 1:Faka isifanekiso se-nginx ngokwezifiso ▼

    cd /usr/local/vesta/data/templates/web
wget http://c.vestacp.com/0.9.8/rhel/force-https/nginx.tar.gz
tar -xzvf nginx.tar.gz
rm -f nginx.tar.gz

    Isinyathelo sesi-2:Setha isifanekiso sommeleli ukuthi siphoqelele-https Iphaneli Yokulawula ye-VestaCP: Phoqelela Ukunika Amandla i-HTTPS Kumasevisi Ewebhu

    • Dala ukusetha ngaphambilini okusha, noma ngokusetha ngaphambilini okukhona, setha amandla-https njengesifanekiso sommeleli we-Nginx.
    • Lapho ungeza abasebenzisi abasha, ungasebenzisa isifanekiso se-force-https ukuze unikeze izimvume kubasebenzisi bohlelo olusethiwe.

    I-HTTP iqondiswa kabusha ngokuzenzakalelayo ku-HTTPS

    I-VestaCP iyiqondisa kanjani kabusha i-HTTP ku-HTTPS isebenzisa i-htaccess? Ingabe ufuna ukuqondisa kabusha iwebhusayithi yakho ngokuzenzakalela enguqulweni evikelekile (HTTPS) yewebhusayithi yakho ebethelwe?

    Efayelini elithi .htaccess, engeza i-syntax elandelayo yokuqondisa kabusha engu-301▼

    RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
    • U-"L" kokungenhla [R,L] usho Okokugcina (Okokugcina), uma ezinye izinhlelo zolimi nazo zinalo L, i-http ayikwazi ukuqondisa kabusha ngokuzenzakalelayo ku-https.
    • Ngakho-ke, kunconywa ukuthi uqondise kabusha i-http301 ku-syntax ye-https phezulu (ngaphambi kwamanye ama-syntaxes).

    Uma ufuna ukwengeza izitifiketi ezivikelekile ze-SSL kwezinye izizinda zakho kuphaneli yokulawula ye-VestaCP, sicela uhlole lesi sifundo ▼

    Ungayisebenzisa kanjani iphaneli yeVestaCP?Faka Ihhovisi Leposi/Engeza Izizinda Eziningi Nokuphathwa Kwefayela 🔗Ungayisebenzisa kanjani iphaneli yeVestaCP? Faka iposi/engeza amagama amaningi wesizinda nokuphathwa kwefayela

    I-Hope Chen Weiliang Blog ( https://www.chenweiliang.com/ ) kwabiwe "imbobo engemuva ye-VestaCP 8083 https ayivumelekile?Faka Okokufundisa Kwesitifiketi Se-SSL" ukukusiza.

    Siyakwamukela ukwabelana ngesixhumanisi salesi sihloko:https://www.chenweiliang.com/cwl-705.html

    Ukuze uvule amaqhinga afihliwe🔑, wamukelekile ukujoyina isiteshi sethu seTelegram!

    Chofoza lapha ukuze ujoyine isiteshi seTelegram

    Yabelana futhi uthanda uma uthanda! Ukwabelana kwakho nokuthanda kwakho kuyisikhuthazo sethu esiqhubekayo!

     

    发表 评论

    Ikheli lakho le-imeyili ngeke lishicilelwe. 必填 项 已 用 * Ilebula

    Skrolela Top