Let's Encrypt Revokes 2M Certificates Due to TLS-ALPN-01 Implementation Problems

Let's Encrypt, a non-profit certificate authority that is controlled by the community and provides certificates free of charge to everyone, has announced the early revocation of approximately two million TLS certificates, which is about 1% of all active certificates issued by this certificate authority. The revocation was initiated after a deviation from the specification requirements was identified in the code Let's Encrypt uses to implement the TLS-ALPN-01 extension (RFC 7301, Application-Layer Protocol Negotiation). The discrepancy was caused by the absence of certain checks during connection negotiation based on the ALPN TLS extension used in HTTP/2. Detailed information about the incident will be published once revocation of the problematic certificates is complete.

The problem was fixed on January 26 at 03:48 (MSK), but it was decided to treat all certificates that had been issued using the TLS-ALPN-01 validation method as invalid. Certificate revocation will begin on January 28 at 19:00 (MSK). Before that time, users of the TLS-ALPN-01 validation method are advised to renew their certificates; otherwise the certificates will be invalidated early.

Notifications about the need to renew certificates are being sent by email. Users who obtain certificates with the Certbot and dehydrated tools are not affected by the problem when using the default configuration. The TLS-ALPN-01 method is supported in Caddy, Traefik, apache mod_md and the autocert package. You can check whether your certificates are affected by searching for identifiers, serial numbers or domain names in the list of problematic certificates.

Because the changes affect behavior during validation with the TLS-ALPN-01 method, updating the ACME client or changing its settings (Caddy, bitnami/bn-cert, autocert, apache mod_md, Traefik) may be required for it to keep working. The changes include requiring TLS versions no lower than 1.2 (clients will no longer be able to use TLS 1.1) and dropping support for OID 1.3.6.1.5.5.7.1.30.1, which identifies the obsolete acmeIdentifier extension that was supported only in early drafts of the RFC 8737 specification (when generating a certificate, only OID 1.3.6.1.5.5.7.1.31 is now permitted, and clients using OID 1.3.6.1.5.5.7.1.30.1 will not be able to obtain a certificate).
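The OID requirement above can be checked on the client side before a challenge certificate is ever served. The following Go sketch is an added example, not code from Let's Encrypt or from any of the ACME clients named here; the criticality and SHA-256 digest checks follow RFC 8737, and `sampleCert`, `checkChallengeCert`, `example.test` and the key authorization string are names and values constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
)
var oidRFC8737 = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 31}  // acmeIdentifier
var oidDraft = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 30, 1} // early drafts only

// sampleCert builds a constructed self-signed challenge cert; on failure it returns nil DER.
func sampleCert(oid asn1.ObjectIdentifier, keyAuth string) []byte {
	sum := sha256.Sum256([]byte(keyAuth))
	val, _ := asn1.Marshal(sum[:]) // DER OCTET STRING holding the digest
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"example.test"},
		ExtraExtensions: []pkix.Extension{{Id: oid, Critical: true, Value: val}}}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	return der
}

// checkChallengeCert refuses the draft OID and requires a critical, matching RFC 8737 one.
func checkChallengeCert(der []byte, keyAuth string) error {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return err
	}
	want, ok := sha256.Sum256([]byte(keyAuth)), false
	for _, ext := range cert.Extensions {
		if ext.Id.Equal(oidDraft) {
			return fmt.Errorf("obsolete draft OID %v presented", ext.Id)
		}
		if ext.Id.Equal(oidRFC8737) {
			var got []byte
			rest, err := asn1.Unmarshal(ext.Value, &got)
			ok = ext.Critical && err == nil && len(rest) == 0 && string(got) == string(want[:])
		}
	}
	if !ok {
		return fmt.Errorf("acmeIdentifier missing, non-critical or digest mismatch")
	}
	return nil
}

func main() { fmt.Println(checkChallengeCert(sampleCert(oidDraft, "token.thumbprint"), "token.thumbprint")) }
```

Running the same check against the certificate an ACME client actually generates shows whether that client still emits the draft OID and therefore needs an update.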

Source: opennet.ru
