Let's Encrypt Revokes 2M Certificates Due to TLS-ALPN-01 Implementation Issues

Let's Encrypt, a non-profit certificate authority (CA) that provides certificates free of charge to everyone, has announced that it will revoke about two million TLS certificates, roughly 1% of all certificates issued by the CA. The revocation was triggered by non-compliance with the specification in the Let's Encrypt code that implements the TLS-ALPN-01 extension (RFC 7301, Application-Layer Protocol Negotiation). The non-compliance was caused by the absence of some checks during connection negotiation based on the ALPN TLS extension, which is used in HTTP/2. Details of the incident will be published after revocation of the affected certificates is complete.

On January 26 at 03:48 (MSK) the problem was fixed, but all certificates issued using the TLS-ALPN-01 validation method were deemed invalid. Certificate revocation will begin on January 28 at 19:00 (MSK). Users who rely on the TLS-ALPN-01 validation method are advised to renew their certificates before that time; otherwise the certificates will be invalidated ahead of schedule.

Notifications about the need to renew certificates were sent by email. Users who obtain certificates with Certbot and dehydrated using default settings are not affected by the problem. The TLS-ALPN-01 method is supported in Caddy, Traefik, Apache mod_md, and the autocert package. You can check whether your certificates are affected by searching for identifiers, serial numbers, or domains in the list of problematic certificates.

Because the changes affect the behavior of TLS-ALPN-01 validation, the ACME client (Caddy, bitnami/bn-cert, autocert, Apache mod_md, Traefik) must be updated or modified to keep working. The changes are the use of TLS versions no lower than 1.2 (clients will no longer be able to use TLS 1.1) and the removal of support for OID 1.3.6.1.5.5.7.1.30.1, which identifies the obsolete acmeIdentifier extension that was supported only in early drafts of the RFC 8737 specification. When generating a certificate, only OID 1.3.6.1.5.5.7.1.31 is now allowed, and clients that use OID 1.3.6.1.5.5.7.1.30.1 will not be able to obtain a certificate.
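
The OID change described above can be checked on the client side by inspecting the challenge certificate an ACME client generates. The following Go program is an added example, not code from Let's Encrypt or from any of the clients named here; `ClassifyChallengeCert`, `makeCert` and the `oidOther` value are hypothetical names and constructed sample input, and the check looks only at the extension OID, not at the digest value.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

var (
	oidCurrent  = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 31}    // acmeIdentifier, RFC 8737
	oidObsolete = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 30, 1} // early drafts, no longer accepted
	oidOther    = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 55555, 1}    // constructed, unrelated extension
)

// ClassifyChallengeCert (hypothetical helper) returns "current", "obsolete" or "missing" for a DER certificate.
func ClassifyChallengeCert(der []byte) (string, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return "", err
	}
	result := "missing"
	for _, ext := range cert.Extensions {
		if ext.Id.Equal(oidCurrent) {
			return "current", nil
		} else if ext.Id.Equal(oidObsolete) {
			result = "obsolete" // keep scanning: the current OID may also be present
		}
	}
	return result, nil
}

// makeCert builds constructed sample input: a self-signed cert for example.test with one critical extension.
func makeCert(oid asn1.ObjectIdentifier) []byte {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	val, _ := asn1.Marshal(make([]byte, 32)) // placeholder digest as an OCTET STRING
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"example.test"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		ExtraExtensions: []pkix.Extension{{Id: oid, Critical: true, Value: val}}}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return der
}

func main() { fmt.Println(ClassifyChallengeCert(makeCert(oidObsolete))) }
```

A result of "obsolete" or "missing" for a client's challenge certificate indicates that the client needs the update mentioned above before its TLS-ALPN-01 validations will succeed.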

Source: opennet.ru
