不過要使用HTTPs,就必須產生憑證給mongoose,才能夠利用這組憑證來加密。憑證產生的方式利用OpenSSL就可以做到。
openssl genrsa -out private.pem 1024然後利用這組private來產生x.509憑證cacert.pem
openssl req -new -x509 -key private.pem -out cacert.pem -days 1095在產生憑證的過程會要求你輸入一些資料,底下為範例輸入
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:TW
State or Province Name (full name) [Some-State]:TW-TP
Locality Name (eg, city) []:TP
Organization Name (eg, company) [Internet Widgits Pty Ltd]:MyCompany
Organizational Unit Name (eg, section) []:MyDep
Common Name (e.g. server FQDN or YOUR name) []:HTTPsTest
Email Address []:test@test.com產生完憑證以及private key之後,把這兩個檔案依照憑證和private key的順序放在一起
cat cacert.pem private.pem > mfg_key_cert.pem
最後把這組憑證餵給mongoose,且使用port443s作為socket port,就可以成功架設一個HTTPs的web server了!
./mongoose -p 443s -s mfg_key_cert.pem
結果如下,首先用https://192.168.56.77/test.html連線之後,會告訴你憑證不可靠(當然,因為是自己產生的)
然後選擇繼續後
就可以看到test.html的網頁連線結果了!
沒有留言:
張貼留言