First, why should use HTTPS
HTTPS (full name: Hyper Text Transfer Protocol over Secure the Socket Layer ), it is safe for the target of HTTP
Channel, simply, is HTTP secure version.
HTTPS is HTTP based on the added layer of security, the ciphertext into the original plaintext transmitted from the transmission, encryption and decryption are of course requires some time and the cost of overhead, incomplete statistics, there are 10 -fold difference. In the current network environment is negligible, it has become an inevitable trend.
Currently micro-channel applet request Api must https , of Ios request api interfaces must https
Second, configure https
1 , Type Certificate
1 , domain type https certificate ( DVSSL ): general level of trust, just verify the authenticity of the site can issue certificates to protect the site;
2 , business type https certificate ( OVSSL ): strong level of trust, the need to verify the identity of the enterprise, strict auditing, and more secure;
3 , enhanced https certificate ( EVSSL ): the highest level of trust, general securities for banks and other financial institutions, strict auditing, highest security, and can activate the green URL bar.
2 , create a certificate
3 , certificate validation
4 , configure the web server
https://cloud.tencent.com/document/product/400/4143#2.-nginx-.E8.AF.81.E4.B9.A6.E9.83.A8.E7.BD.B2
{Server the listen 443 ; server_name www.domain.com; # Fill binding domain certificate ssl ON; ssl_certificate 1_www.domain.com_bundle.crt; ssl_certificate_key 2_www.domain.com.key; ssl_session_timeout 5m; . ssl_protocols TLSv1 TLSv1 1 TLSv1. 2 ; # configured in this protocol ssl_ciphers to ECDHE -RSA-the AES128-GCM-the SHA256: HIGH: aNULL: the MD5: the RC4 :!!!! of DHE; # ssl_prefer_server_ciphers on the configuration in accordance with this kit; LOCATION / { the root HTML; catalog # site index index.htm index.html; } }
