借助安全传输层协议(TLS)加密 HTTP 流量实现防止篡改和窃听。观看视频录像,了解借助 NGINX 实现 TLS 的所有相关信息。
![](https://www.nginx-cn.net/wp-content/uploads/2024/05/nginx-cn.net_弹窗图_-_560x666-1.png)
Accept cookies for analytics, social media, and advertising, or learn more and adjust your preferences. These cookies are on by default for visitors outside the UK and EEA. Privacy Notice.
借助安全传输层协议(TLS)加密 HTTP 流量实现防止篡改和窃听。观看视频录像,了解借助 NGINX 实现 TLS 的所有相关信息。
NGINX Plus R28 引进了针对握手错误和证书验证失败的 TLS 指标集,并且支持云平台私有服务中的 PROXY v2 协议。阅读本文了解更多新特性。
通过向端点(endpoint)提供自动更新的证书来简化证书管理。
NGINX Plus R27 的全新增强特性包括:用于健康检查的 keepalive 连接、对于 Kernel TLS 的支持、更多 TLS 指标、自定义 JWT 验证失败时的错误代码等等。
NGINX Unit 1.23.0 and 1.24.0 introduce support for the SNI extension to TLS, definition of OpenSSL configuration commands, MIME filtering and path restrictions for static content, and multiple Python scripts in one app. Also, you no longer need to modify Node.js apps to run them in Unit.
阅读本文了解如何使用 Let'sEncrypt 客户端生成 RSA 证书并使用最新颁发的证书来自动配置 NGINX。
With the Fortanix Self-Defending Key Management Service, you can offload TLS crytographic processing from your NGINX and NGINX Plus servers, and safely store your TLS keys for on-demand uploading into the NGINX Plus key-value store. We provide complete instructions for both use cases.
在高安全性环境中,将 SSL 证书密钥这类敏感数据存放在键值存储中而不是磁盘上对创建安全的环境十分重要。本文将展示如何使用 HashiCorp Vault 生成临时 SSL 密钥,并将它们存储在内存里的 NGINX Plus 键值存储中。
In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add the NGINX WAF to an NGINX Plus subscription.
With NGINX conditional logging, you can log a subset of requests which have defined characteristics. This blog uses it to solve a real-world customer use case: the need to reject obsolete and insecure SSL/TLS ciphers without excluding legitimate users of legacy devices.