Let's Encrypt: self-signed certificate

Official web page

https://letsencrypt.org/docs/certificates-for-localhost/

步驟

mkdir https_keys
複製上述網頁中的openssl指令(我會複製一份在最底下)，並在https_keys中執行
會產生localhost.crt、localhost.key兩個檔案
sudo vim /etc/nginx/conf.d/all_site.conf 打開.conf檔並仿照certbot一樣寫入下列兩行
- ssl_certificate /home/burwei/https_keys/localhost.crt;
- ssl_certificate_key /home/burwei/https_keys/localhost.key;
這兩行寫完，上面把listen 80;改成listen 443 ssl;就完成了
P.S. /etc/nginx/conf.d/是CentOS8的位置，Ubuntu的位置不一樣，但一樣是在/etc/nginx下的某個資料夾中

openssl 指令

不用理解直接複製後執行會產生兩個檔案 localhost.crt跟localhost.key

openssl req -x509 -out localhost.crt -keyout localhost.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj '/CN=localhost' -extensions EXT -config <( \
   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

nginx config file

在/etc/nginx/conf.d/下新增了一個all_site.conf

server{
        #listen to https port on IPv4 and IPv6 
        listen 443 ssl;
        #server config
        server_name         192.168.43.35;
        server_tokens off;

        ssl_certificate /home/burwei/https_keys/localhost.crt;
        ssl_certificate_key /home/burwei/https_keys/localhost.key;

        #reverse proxy to express (mern_boilerplate: ./backend/api_server/app.js )
        location /api {
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_pass http://127.0.0.1:9000;
        }
}

Let's Encrypt: self-signed certificate

Official web page

步驟

openssl 指令

nginx config file

Read more

Float 16-bit

od 基本用法

簡單筆記RecyclerView

Android ViewModel和LiveData的基本用法