当前位置：首页 > news >正文

太原网站建设网格未来wordpress渐隐渐现页面过渡效果

news 2025/11/2 5:54:14

太原网站建设网格未来,wordpress渐隐渐现页面过渡效果,wordpress无法显示图片,电子工程王牌专业概述 SSL/TLS握手时#xff0c;客户端与服务端协商加密套件是很重要的一个步骤#xff0c;协商出加密套件后才能继续完成后续的握手和加密通信。而现在SSL/TLS协议通信的实现#xff0c;基本都是通过OpenSSL开源库#xff0c;本文章就主要介绍下加密套件的含义以及如何在O…概述 SSL/TLS握手时客户端与服务端协商加密套件是很重要的一个步骤协商出加密套件后才能继续完成后续的握手和加密通信。而现在SSL/TLS协议通信的实现基本都是通过OpenSSL开源库本文章就主要介绍下加密套件的含义以及如何在OpenSSL中指定加密套件。加密套件介绍 SSL/TLS协议的加密套件是定义了在一次连接中所使用的各种加密算法的组合。它包括以下几个主要部分密钥交换算法用于协商会话密钥如RSA、DH、ECDH等。对称加密算法用于实际数据传输的加解密例如AES、3DES等。消息认证码(MAC)或伪随机函数(PRF)用于验证数据完整性及防止篡改如SHA256等。如何指定加密套件使用OpenSSL或者Nginx实现SSL/TLS协议时都需要指定加密套件。一般指定这样指定就可以了表示指定加密套件为任意算法但身份认证算法和加密算法不能为空。这样客户端和服务端就会自动协商一个加密套件进行通信。 ssl_ciphers ALL:!aNULL; #Nginx配置加密套件SSL_CTX_set_cipher_list(ServerCTX, ALL:!aNULL); #openssl接口配置加密套件但如果想自己指定加密套件就可以使用以下列表中的一种。序号加密套件(完整名称)加密套件(openssl接口指定名称)版本密钥协商算法身份验证算法加密算法MAC1TLS_AES_256_GCM_SHA384TLS_AES_256_GCM_SHA384TLSv1.3anyanyAESGCM(256)AEAD2TLS_CHACHA20_POLY1305_SHA256TLS_CHACHA20_POLY1305_SHA256TLSv1.3anyanyCHACHA20/POLY1305(256)AEAD3TLS_AES_128_GCM_SHA256TLS_AES_128_GCM_SHA256TLSv1.3anyanyAESGCM(128)AEAD4TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384ECDHE-ECDSA-AES256-GCM-SHA384TLSv1.2ECDHECDSAAESGCM(256)AEAD5TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384ECDHE-RSA-AES256-GCM-SHA384TLSv1.2ECDHRSAAESGCM(256)AEAD6TLS_DHE_RSA_WITH_AES_256_GCM_SHA384DHE-RSA-AES256-GCM-SHA384TLSv1.2DHRSAAESGCM(256)AEAD7TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256ECDHE-ECDSA-CHACHA20-POLY1305TLSv1.2ECDHECDSACHACHA20/POLY1305(256)AEAD8TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256ECDHE-RSA-CHACHA20-POLY1305TLSv1.2ECDHRSACHACHA20/POLY1305(256)AEAD9TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256DHE-RSA-CHACHA20-POLY1305TLSv1.2DHRSACHACHA20/POLY1305(256)AEAD10TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256ECDHE-ECDSA-AES128-GCM-SHA256TLSv1.2ECDHECDSAAESGCM(128)AEAD11TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256ECDHE-RSA-AES128-GCM-SHA256TLSv1.2ECDHRSAAESGCM(128)AEAD12TLS_DHE_RSA_WITH_AES_128_GCM_SHA256DHE-RSA-AES128-GCM-SHA256TLSv1.2DHRSAAESGCM(128)AEAD13TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384ECDHE-ECDSA-AES256-SHA384TLSv1.2ECDHECDSAAES(256)SHA38414TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384ECDHE-RSA-AES256-SHA384TLSv1.2ECDHRSAAES(256)SHA38415TLS_DHE_RSA_WITH_AES_256_CBC_SHA256DHE-RSA-AES256-SHA256TLSv1.2DHRSAAES(256)SHA25616TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256ECDHE-ECDSA-AES128-SHA256TLSv1.2ECDHECDSAAES(128)SHA25617TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256ECDHE-RSA-AES128-SHA256TLSv1.2ECDHRSAAES(128)SHA25618TLS_DHE_RSA_WITH_AES_128_CBC_SHA256DHE-RSA-AES128-SHA256TLSv1.2DHRSAAES(128)SHA25619TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAECDHE-ECDSA-AES256-SHATLSv1ECDHECDSAAES(256)SHA120TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAECDHE-RSA-AES256-SHATLSv1ECDHRSAAES(256)SHA121TLS_DHE_RSA_WITH_AES_256_CBC_SHADHE-RSA-AES256-SHASSLv3DHRSAAES(256)SHA122TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHAECDHE-ECDSA-AES128-SHATLSv1ECDHECDSAAES(128)SHA123TLS_ECDHE_RSA_WITH_AES_128_CBC_SHAECDHE-RSA-AES128-SHATLSv1ECDHRSAAES(128)SHA124TLS_DHE_RSA_WITH_AES_128_CBC_SHADHE-RSA-AES128-SHASSLv3DHRSAAES(128)SHA125RSA_PSK_WITH_AES_256_GCM_SHA384RSA-PSK-AES256-GCM-SHA384TLSv1.2RSAPSKRSAAESGCM(256)AEAD26DHE_PSK_WITH_AES_256_GCM_SHA384DHE-PSK-AES256-GCM-SHA384TLSv1.2DHEPSKPSKAESGCM(256)AEAD27TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256RSA-PSK-CHACHA20-POLY1305TLSv1.2RSAPSKRSACHACHA20/POLY1305(256)AEAD28TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256DHE-PSK-CHACHA20-POLY1305TLSv1.2DHEPSKPSKCHACHA20/POLY1305(256)AEAD29TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256ECDHE-PSK-CHACHA20-POLY1305TLSv1.2ECDHEPSKPSKCHACHA20/POLY1305(256)AEAD30TLS_RSA_WITH_AES_256_GCM_SHA384AES256-GCM-SHA384TLSv1.2RSARSAAESGCM(256)AEAD31PSK_WITH_AES_256_GCM_SHA384PSK-AES256-GCM-SHA384TLSv1.2PSKPSKAESGCM(256)AEAD32TLS_PSK_WITH_CHACHA20_POLY1305_SHA256PSK-CHACHA20-POLY1305TLSv1.2PSKPSKCHACHA20/POLY1305(256)AEAD33RSA_PSK_WITH_AES_128_GCM_SHA256RSA-PSK-AES128-GCM-SHA256TLSv1.2RSAPSKRSAAESGCM(128)AEAD34DHE_PSK_WITH_AES_128_GCM_SHA256DHE-PSK-AES128-GCM-SHA256TLSv1.2DHEPSKPSKAESGCM(128)AEAD35TLS_RSA_WITH_AES_128_GCM_SHA256AES128-GCM-SHA256TLSv1.2RSARSAAESGCM(128)AEAD36PSK_WITH_AES_128_GCM_SHA256PSK-AES128-GCM-SHA256TLSv1.2PSKPSKAESGCM(128)AEAD37TLS_RSA_WITH_AES_256_CBC_SHA256AES256-SHA256TLSv1.2RSARSAAES(256)SHA25638TLS_RSA_WITH_AES_128_CBC_SHA256AES128-SHA256TLSv1.2RSARSAAES(128)SHA25639ECDHE_PSK_WITH_AES_256_CBC_SHA384ECDHE-PSK-AES256-CBC-SHA384TLSv1ECDHEPSKPSKAES(256)SHA38440ECDHE_PSK_WITH_AES_256_CBC_SHAECDHE-PSK-AES256-CBC-SHATLSv1ECDHEPSKPSKAES(256)SHA141RSA_PSK_WITH_AES_256_CBC_SHA384RSA-PSK-AES256-CBC-SHA384TLSv1RSAPSKRSAAES(256)SHA38442DHE_PSK_WITH_AES_256_CBC_SHA384DHE-PSK-AES256-CBC-SHA384TLSv1DHEPSKPSKAES(256)SHA38443RSA_PSK_WITH_AES_256_CBC_SHARSA-PSK-AES256-CBC-SHASSLv3RSAPSKRSAAES(256)SHA144DHE_PSK_WITH_AES_256_CBC_SHADHE-PSK-AES256-CBC-SHASSLv3DHEPSKPSKAES(256)SHA145TLS_RSA_WITH_AES_256_CBC_SHAAES256-SHASSLv3RSARSAAES(256)SHA146PSK_WITH_AES_256_CBC_SHA384PSK-AES256-CBC-SHA384TLSv1PSKPSKAES(256)SHA38447PSK_WITH_AES_256_CBC_SHAPSK-AES256-CBC-SHASSLv3PSKPSKAES(256)SHA148ECDHE_PSK_WITH_AES_128_CBC_SHA256ECDHE-PSK-AES128-CBC-SHA256TLSv1ECDHEPSKPSKAES(128)SHA25649ECDHE_PSK_WITH_AES_128_CBC_SHAECDHE-PSK-AES128-CBC-SHATLSv1ECDHEPSKPSKAES(128)SHA150RSA_PSK_WITH_AES_128_CBC_SHA256RSA-PSK-AES128-CBC-SHA256TLSv1RSAPSKRSAAES(128)SHA25651DHE_PSK_WITH_AES_128_CBC_SHA256DHE-PSK-AES128-CBC-SHA256TLSv1DHEPSKPSKAES(128)SHA25652RSA_PSK_WITH_AES_128_CBC_SHARSA-PSK-AES128-CBC-SHASSLv3RSAPSKRSAAES(128)SHA153DHE_PSK_WITH_AES_128_CBC_SHADHE-PSK-AES128-CBC-SHASSLv3DHEPSKPSKAES(128)SHA154TLS_RSA_WITH_AES_128_CBC_SHAAES128-SHASSLv3RSARSAAES(128)SHA155PSK_WITH_AES_128_CBC_SHA256PSK-AES128-CBC-SHA256TLSv1PSKPSKAES(128)SHA25656PSK_WITH_AES_128_CBC_SHAPSK-AES128-CBC-SHASSLv3PSKPSKAES(128)SHA1 当然也不能任意指定指定时要看客户端是否支持。比如使用谷歌浏览器访问Nginx服务抓包可以看到客户端支持的所有加密套件。那么服务端指定加密套件时就只能从以下支持的加密套件中选择一个。命令行工具 OpenSSL提供了命令行工具可以查看加密套件1、查看OpenSSL支持的所有加密套件 openssl ciphers -v 2、查看OpenSSL支持的所有加密套件但身份验证和加密算法不能为空 openssl ciphers -v ‘ALL:!aNULL’ 参考 openssl加密套件详解

查看全文

http://www.dnsts.com.cn/news/161349.html