回到主页

中小企业如何全面启用Https

About Let's Encrypt

· 途·Develop

相关介绍

百度于2018-02-05 发布《HTTPS改造的必要性》,我厂网站于3月7日到9日进行了网站运行环境的改造,以完成https改造。

在改版前首先了解了一下各种商业CA证书市场普遍售价为2k-5k/年。这个过程中发现了Let's Encrypt

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit.

它由Internet Security Research Group (ISRG)提供支持。特性如下

  • Free(免费): Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
  • Automatic(自动化): Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
  • Secure(安全): Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
  • Transparent(透明): All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
  • Open(开放): The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
  • Cooperative(共赢): Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

网站本来是运行在万网的弹性web计算服务上的,但是为了进行https改造,网站迁移到了ecs服务器上。

网站采用的是Wordpress+Let's Encrypt+Docker+daocloud.io实现的https改造。这为以后网站的扩展提供了良好的自动化基础。

技术细节相关:https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion

所有文章
×

还剩一步!

确认邮件已发至你的邮箱。 请点击邮件中的确认链接,完成订阅。

好的