最新消息:20210917 已从crifan.com换到crifan.org

【已解决】crifan.org中打开book.crifan.org页面提示不安全

org crifan 558浏览 0评论
折腾:
【记录】复制crifan.comcrifan.org的WordPress网站后续更新相关内容
期间,尝试去打开
常见压缩工具总结
https://book.crifan.com/books/common_compress_tool_summary/website/
打开,需要翻墙。否则crifan.com的域名被DNS污染,无法打开。
现在手动换成 crifan.org
https://book.crifan.org/books/common_compress_tool_summary/website/
可以打开了:
tar · 常见压缩工具总结 (crifan.org)
但是:提示不安全:
之前也遇到类似问题。
感觉是:
此处是crifan.com的ssl证书
导致此处的 crifan.org的证书,没有生效?
原因或许是
WordPress中的ssl证书相关插件 ?
去看看
感觉是,可以:
先禁用ssl证书插件
重启php
重启CentOS
再删除ssl证书插件
去试试
突然注意到:
此处地址是二级域名
book.crifan.org
好像不对
而之前的:
www.crifan.org
好像没有 证书问题?
所以是:
二级域名的https的证书问题?
WordPress 二级域名 https证书
WordPress 多网站 SSL 部署 站群 https 加密 – 多网站管理系统 (duowangzhan.com)
通过WordPress插件安装SSL证书 – 青松跨境B2C (qingsongb2c.com)
现在二级域名开启ssl 出现 403 Forbidden是怎么回事啊? – 知乎 (zhihu.com)
去看看 book.crifan.org 根目录是否有什么配置
突然发现:
[root@crifan wwwroot]# ll
total 16K
drwxr-xr-x  4 www www 4.0K Aug 17 00:21 book.crifan.com
drwxr-xr-x  3 www www 4.0K May 24  2019 default
drwxr-xr-x 11 www www 4.0K Sep  9 20:23 www.crifan.com
drwxr-xr-x 11 www www 4.0K Sep 17 13:26 www.crifan.org
之前只有:
book.crifan.com
没有:我以为有的 希望的:
所以应该去复制一份:
从 book.crifan.com 到 book.crifan.org
[root@crifan wwwroot]# mkdir book.crifan.org
[root@crifan wwwroot]# ll
total 20K
drwxr-xr-x  4 www  www  4.0K Aug 17 00:21 book.crifan.com
drwxr-xr-x  2 root root 4.0K Sep 17 13:46 book.crifan.org
drwxr-xr-x  3 www  www  4.0K May 24  2019 default
drwxr-xr-x 11 www  www  4.0K Sep  9 20:23 www.crifan.com
drwxr-xr-x 11 www  www  4.0K Sep 17 13:26 www.crifan.org
[root@crifan wwwroot]# cp -a book.crifan.com/* book.crifan.org/
[root@crifan wwwroot]# ll book.crifan.org/
total 8.0K
drwxr-xr-x 90 root root 4.0K Sep 16 10:39 books
drwxr-xr-x  2 root root 4.0K Dec  6  2017 common
再去把权限都给www
[root@crifan wwwroot]# chown -R www:www book.crifan.org/
[root@crifan wwwroot]# ll
total 20K
drwxr-xr-x  4 www www 4.0K Aug 17 00:21 book.crifan.com
drwxr-xr-x  4 www www 4.0K Sep 17 13:47 book.crifan.org
drwxr-xr-x  3 www www 4.0K May 24  2019 default
drwxr-xr-x 11 www www 4.0K Sep  9 20:23 www.crifan.com
drwxr-xr-x 11 www www 4.0K Sep 17 13:26 www.crifan.org
[root@crifan wwwroot]# ll book.crifan.org/
total 8.0K
drwxr-xr-x 90 www www 4.0K Sep 16 10:39 books
drwxr-xr-x  2 www www 4.0K Dec  6  2017 common
再去访问看看
另外,用chrome访问
https://book.crifan.org/books/common_compress_tool_summary/website/
第一次,会警告:
您的连接不是私密连接

攻击者可能会试图从 book.crifan.org 窃取您的信息(例如:密码、通讯内容或信用卡信息)。了解详情
NET::ERR_CERT_COMMON_NAME_INVALID
如果您想获得 Chrome 最高级别的安全保护,请开启增强型保护
点击 高级
此服务器无法证明它是book.crifan.org;其安全证书来自book.crifan.com。出现此问题的原因可能是配置有误或您的连接被拦截了。
继续前往book.crifan.org(不安全)
点击:继续前往book.crifan.org(不安全)
依旧不安全。
感觉是问题转换为:
搞清楚之前book.crifan.com时,如何设置二级域名的
此处照着做即可。
【已解决】WordPress网站crifan.com搬家腾讯云后解决二级域名book.crifan.com的页面访问 – 在路上
原来是:OneInStack中的./vhost.sh,加上book.crifan.org域名,即可。
其中用自带的”3. Use Let’s Encrypt to Create SSL Certificate and Key”即可。
去操作:
另外顺带去:删除shadowsocks
[root@crifan ~]# ll
total 280M
drwxr-xr-x 7 root root 4.0K May  9  2019 oneinstack
-rw-r--r-- 1 root root 280M May  4  2019 oneinstack-full.tar.gz
drwxr-xr-x 2 root root 4.0K Jun  3  2019 shadowsocks
[root@crifan ~]# rm -rf shadowsocks/
去加二级域名:
[root@crifan oneinstack]# ./vhost.sh 


#######################################################################
#       OneinStack for CentOS/RedHat 6+ Debian 7+ and Ubuntu 12+      #
#       For more information please visit https://oneinstack.com      #
#######################################################################


What Are You Doing?
        1. Use HTTP Only
        2. Use your own SSL Certificate and Key
        3. Use Let's Encrypt to Create SSL Certificate and Key
        q. Exit
Please input the correct option: 3


Please input domain(example: www.example.com): book.crifan.org
domain=book.crifan.org


Please input the directory for the domain:book.crifan.org :
(Default directory: /data/wwwroot/book.crifan.org): 
Virtual Host Directory=/data/wwwroot/book.crifan.org


Create Virtul Host directory......
set permissions of Virtual Host directory......


Do you want to add more domain name? [y/n]: n


Do you want to redirect all HTTP requests to HTTPS? [y/n]: y
[Fri Sep 17 13:56:53 CST 2021] Creating domain key
[Fri Sep 17 13:56:53 CST 2021] The domain key is here: /root/.acme.sh/book.crifan.org/book.crifan.org.key
[Fri Sep 17 13:56:53 CST 2021] Single domain='book.crifan.org'
[Fri Sep 17 13:56:53 CST 2021] Getting domain auth token for each domain
[Fri Sep 17 13:56:56 CST 2021] Getting webroot for domain='book.crifan.org'
[Fri Sep 17 13:56:56 CST 2021] Verifying: book.crifan.org
[Fri Sep 17 13:57:00 CST 2021] Success
[Fri Sep 17 13:57:00 CST 2021] Verify finished, start to sign.
[Fri Sep 17 13:57:00 CST 2021] Lets finalize the order, Le_OrderFinalize: https://acme-v02.api.letsencrypt.org/acme/finalize/57656599/25069560300
[Fri Sep 17 13:57:02 CST 2021] Download cert, Le_LinkCert: https://acme-v02.api.letsencrypt.org/acme/cert/049879eadd8578db362445601fad731d49c5
[Fri Sep 17 13:57:03 CST 2021] Cert success.
-----BEGIN CERTIFICATE-----
MIIFI…………...w=
-----END CERTIFICATE-----
[Fri Sep 17 13:57:03 CST 2021] Your cert is in  /root/.acme.sh/book.crifan.org/book.crifan.org.cer 
[Fri Sep 17 13:57:03 CST 2021] Your cert key is in  /root/.acme.sh/book.crifan.org/book.crifan.org.key 
[Fri Sep 17 13:57:03 CST 2021] The intermediate CA cert is in  /root/.acme.sh/book.crifan.org/ca.cer 
[Fri Sep 17 13:57:03 CST 2021] And the full chain certs is there:  /root/.acme.sh/book.crifan.org/fullchain.cer 


Do you want to add hotlink protection? [y/n]: n


Allow Rewrite rule? [y/n]: y


Please input the rewrite of programme :
wordpress,opencart,magento2,drupal,joomla,codeigniter,laravel
thinkphp,pathinfo,discuz,typecho,ecshop,nextcloud,zblog rewrite was exist.
(Default rewrite: other): 
You choose rewrite=other


Allow Nginx/Tengine/OpenResty access_log? [y/n]: n


nginx: the configuration file /usr/local/tengine/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/tengine/conf/nginx.conf test is successful
Reload Nginx......


#######################################################################
#       OneinStack for CentOS/RedHat 6+ Debian 7+ and Ubuntu 12+      #
#       For more information please visit https://oneinstack.com      #
#######################################################################
Your domain:                  book.crifan.org
Virtualhost conf:             /usr/local/tengine/conf/vhost/book.crifan.org.conf
Directory of:                 /data/wwwroot/book.crifan.org
Rewrite rule:                 /usr/local/tengine/conf/rewrite/other.conf
Let's Encrypt SSL Certificate:/usr/local/tengine/conf/ssl/book.crifan.org.crt
SSL Private Key:              /usr/local/tengine/conf/ssl/book.crifan.org.key
即可正常打开
https://book.crifan.org/books/common_compress_tool_summary/website/
没有 不安全 的提示了:
【总结】
此处打开book.crifan.org的地址,提示 不安全
原因:没有ssl证书
解决办法:
用OneInStack的vhost.sh去新增book.crifan.org的二级域名,用自带的“3. Use Let’s Encrypt to Create SSL Certificate and Key”自动生成ssl证书,即可。

转载请注明:在路上 » 【已解决】crifan.org中打开book.crifan.org页面提示不安全

发表我的评论
取消评论

表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
89 queries in 0.176 seconds, using 23.38MB memory