原創地址:http://www.survivalescaperooms.com/jfzhu/p/4064654.html
轉載請注明出處
有關HTTPS、SSL以及SSL證書的工作原理,參見
《HTTPS那些事(一)HTTPS原理》
《HTTPS那些事(二)SSL證書》
《HTTPS那些事(三)攻擊實例與防御》
本文將演示如何在IIS中配置一個HTTPS的ASP.NET Web application。
A self-signed certificate is an identity certificate that is signed by its own creator. Certificates are signed by Certificate Authority. In general self signed certificates are fine for testing purpose but not for PRoduction.
創建self-signed certificate有兩種方式:
本文只演示如何用IIS創建self-signed certificate。
打開IIS Manager后,雙擊Server Certificates。
Binding下Type選擇https,默認端口為443(http默認端口為80),SSL Certificate選擇上面我們創建的self-signed certificate。
點擊Add
點擊地址欄旁邊的小鎖頭,查看一下證書
可以看到在IIS中創建self-signed certificate的時候,服務器已經將它添加到Trusted Root CA中了。在客戶端,你需要手動安裝根證書。
如果想使用瀏覽器信任的證書,需要使用證書頒發機構 (CA)頒發給你的證書,比如Verisign,Thawte等。Self-signed Certificate可以用于開發測試環境,不應用于生產環境。
新聞熱點
疑難解答
