SSL已安装但没有锁
我在服务器上安装了开放式ssl,所有密钥、csr和crt都在服务器上。将 apache conf 配置为密钥和证书的正确路径,但我在 url 中没有看到锁定(firefox 3.6.2)。在 chrome 中,它显示 https 被红色划掉。这是否意味着证书无法正常工作?我有 apache2 作为网络服务器。
I have open ssl installed on the server, all the key ,csr and crt on the server. Configured apache conf to the correct path for key and cert but i don't see a lock in the url(firefox 3.6.2).In chrome it shows https crossed out with red.Does this mean the certificate is not working properly? I have apache2 as the web server.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
tls 提供加密和身份验证。
加密意味着外部人员无法读取您的流量。
身份验证意味着您对正在通信的主机的身份充满信心。
如果chrome划掉了https,则意味着您正在使用tls,并且您可能已经正确设置了加密,但chrome对服务器的身份验证没有信心。通常,这是由不受信任的证书引起的;主题不匹配,或者 CA 不可信。
如果您使用自签名证书,那么它可能是不受信任的 CA。将 CA 安装到 Chrome 中应该可以解决该问题。
tls provides both encryption and authentication.
Encryption means that outsiders are unable to read your traffic.
Authentication means that you are confident of the identity of the host your are communicating with.
If chrome crosses out the https, it means that you are using tls, and you have probably set up encryption properly, but chrome is not confident in the authentication of the server. Typically, this is caused by an untrusted certificate; either the subject does not match, or the CA is not trusted.
If you are using a self-signed cert, then it's probably an untrusted CA. Installing the CA into chrome should fix the problem.
我前段时间遇到同样的问题,我已经成功安装了 SSL 证书,但它仍然在浏览器地址栏上显示十字,我发现问题是由于图像和 javascript 文件引起的,该文件作为绝对 HTTP url 包含在内。我将绝对 URL 更改为相对 URL,现在两个文件都通过 HTTPS 加载,并且浏览器显示绿色栏。
I face same problem some time ago that I have installed the SSL certificate successfully but still it show cross on browser address bar, I found the issue was caused due to a image and a javascript file which was included as absolute HTTP url. I change absolute URL to relative and now both files were loading over HTTPS and browser show green bar.