[{"data":1,"prerenderedAt":3833},["ShallowReactive",2],{"search-docs":3,"doc-\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-https":886},[4,8,12,16,20,24,28,32,36,40,44,48,52,56,60,64,68,72,76,80,84,88,92,96,100,104,108,112,116,120,124,128,132,136,140,144,148,152,156,159,162,165,169,172,175,178,182,186,190,194,198,202,206,210,214,218,222,226,230,234,238,242,246,250,254,258,262,266,269,273,277,281,285,288,291,294,298,301,304,307,310,313,316,319,322,325,329,332,336,340,344,348,352,356,359,362,365,368,371,374,377,380,383,386,389,393,396,399,402,405,408,411,414,417,420,424,428,432,435,438,442,446,450,454,458,462,466,470,474,477,480,483,487,491,494,497,500,504,507,511,515,518,521,524,527,530,533,536,539,542,545,548,551,554,557,560,563,566,569,572,575,579,583,587,591,595,599,603,606,610,614,617,620,623,626,629,633,637,640,643,646,649,652,655,658,661,664,667,670,673,676,679,682,685,688,691,694,697,700,703,706,709,712,716,720,724,728,732,736,740,744,748,752,756,760,764,768,772,775,779,783,787,790,793,796,799,802,805,808,811,814,818,822,825,829,832,835,838,841,844,848,851,854,858,862,865,869,873,876,879,882],{"path":5,"title":6,"description":7},"\u002Fabout\u002Fauthor","作者相关","只想纯粹的做一个程序员...",{"path":9,"title":10,"description":11},"\u002Fabout\u002Fjourney","心路历程","",{"path":13,"title":14,"description":15},"\u002Fai\u002Fagent\u002Fframeworks","Agent 框架","主流 Agent 框架：LangChain、LlamaIndex、AutoGen、CrewAI",{"path":17,"title":18,"description":19},"\u002Fai\u002Fagent\u002Fhooks","Agent Hooks 与自动化","Claude Agent 的 Hooks 生命周期、事件类型、典型自动化场景",{"path":21,"title":22,"description":23},"\u002Fai\u002Fagent\u002Fintroduction","AI Agent 概述","AI Agent 核心概念：感知、规划、执行、记忆",{"path":25,"title":26,"description":27},"\u002Fai\u002Fagent\u002Fpractice","Agent 实战","AI Agent 实战：构建自主任务执行系统",{"path":29,"title":30,"description":31},"\u002Fai\u002Fagent\u002Fsdk","Claude Agent SDK 开发","使用 Claude Agent SDK 构建自定义 AI Agent：架构、API、生命周期",{"path":33,"title":34,"description":35},"\u002Fai\u002Fagent\u002Fsubagents","Subagents 子代理","用 Subagents 分解复杂任务、并发执行、隔离上下文",{"path":37,"title":38,"description":39},"\u002Fai\u002Fagent\u002Ftool-use","工具调用","AI Agent 工具调用：Function Calling、Tool Use 原理与实践",{"path":41,"title":42,"description":43},"\u002Fai\u002Ffundamentals\u002Fdeep-learning","深度学习入门","深度学习基础知识：前向传播、反向传播、损失函数、优化器",{"path":45,"title":46,"description":47},"\u002Fai\u002Ffundamentals\u002Fml-basics","机器学习基础","机器学习核心概念：监督学习、无监督学习、强化学习",{"path":49,"title":50,"description":51},"\u002Fai\u002Ffundamentals\u002Fneural-networks","神经网络原理","神经网络架构：CNN、RNN、注意力机制",{"path":53,"title":54,"description":55},"\u002Fai\u002Fgetting-started","AI 学习路线","AI 技术学习路线图，从基础到实战的完整指南",{"path":57,"title":58,"description":59},"\u002Fai\u002Fllm\u002Ffine-tuning","模型微调","大模型微调技术：LoRA、QLoRA、全量微调、RLHF",{"path":61,"title":62,"description":63},"\u002Fai\u002Fllm\u002Fintroduction","大模型概述","大语言模型发展历程、核心能力与主流模型对比",{"path":65,"title":66,"description":67},"\u002Fai\u002Fllm\u002Flocal-deploy","本地部署","大模型本地部署：Ollama、vLLM、llama.cpp",{"path":69,"title":70,"description":71},"\u002Fai\u002Fllm\u002Ftransformer","Transformer 架构","Transformer 架构详解：自注意力机制、位置编码、多头注意力",{"path":73,"title":74,"description":75},"\u002Fai\u002Fmcp\u002Fclient","MCP Client 开发","MCP Client 开发指南：连接、调用、集成",{"path":77,"title":78,"description":79},"\u002Fai\u002Fmcp\u002Fdebugging","MCP 调试与排错","MCP Server 开发与集成过程中的常见问题、日志分析、诊断工具",{"path":81,"title":82,"description":83},"\u002Fai\u002Fmcp\u002Fintroduction","MCP 概述","Model Context Protocol 协议概述：架构、核心概念、应用场景",{"path":85,"title":86,"description":87},"\u002Fai\u002Fmcp\u002Fserver","MCP Server 开发","MCP Server 开发指南：资源、工具、提示词的实现",{"path":89,"title":90,"description":91},"\u002Fai\u002Fmcp\u002Ftools","MCP Tools 深入","深入理解 MCP Tools：与 Resources\u002FPrompts 的差异、Schema 设计、Annotations 与权限控制",{"path":93,"title":94,"description":95},"\u002Fai\u002Fprompt\u002Fadvanced","高级 Prompt 模式","高级 Prompt 设计模式：Tree-of-Thought、自我反思、多轮对话策略",{"path":97,"title":98,"description":99},"\u002Fai\u002Fprompt\u002Fbasics","Prompt 基础","Prompt Engineering 入门：基本概念、角色设定、输出格式控制",{"path":101,"title":102,"description":103},"\u002Fai\u002Fprompt\u002Ftechniques","提示词技巧","常用提示词技巧：Few-shot、Chain-of-Thought、ReAct",{"path":105,"title":106,"description":107},"\u002Fai\u002Frag\u002Fembedding","文本嵌入","文本嵌入模型：Embedding 原理、模型选择、相似度计算",{"path":109,"title":110,"description":111},"\u002Fai\u002Frag\u002Fintroduction","RAG 概述","检索增强生成（RAG）架构原理、优势与应用场景",{"path":113,"title":114,"description":115},"\u002Fai\u002Frag\u002Fpractice","RAG 实战","RAG 应用实战：文档问答系统、知识库搭建",{"path":117,"title":118,"description":119},"\u002Fai\u002Frag\u002Fvector-database","向量数据库","主流向量数据库对比：Milvus、Pinecone、Chroma、Weaviate",{"path":121,"title":122,"description":123},"\u002Fai\u002Fskills\u002Fbest-practices","Skill 最佳实践","编写高质量 Skill 的设计原则、常见陷阱与优化技巧",{"path":125,"title":126,"description":127},"\u002Fai\u002Fskills\u002Fcreating","创建自定义 Skill","从零编写一个可被 Agent 自动发现和调用的 Skill",{"path":129,"title":130,"description":131},"\u002Fai\u002Fskills\u002Fintroduction","Agent Skills 概述","Claude Agent Skills 概念、工作原理、与 Tools\u002FMCP 的区别",{"path":133,"title":134,"description":135},"\u002Fgolang\u002Fadvanced\u002Fconcurrency","Go - 并发深入","深入理解 Go 并发编程的核心机制。",{"path":137,"title":138,"description":139},"\u002Fgolang\u002Fadvanced\u002Fgc","Go - 垃圾回收","理解 Go 的垃圾回收机制，掌握 GC 调优方法。",{"path":141,"title":142,"description":143},"\u002Fgolang\u002Fadvanced\u002Fgmp","Go - GMP 调度模型","GMP 是 Go 运行时调度器的核心模型，理解它对于编写高性能 Go 程序至关重要。",{"path":145,"title":146,"description":147},"\u002Fgolang\u002Fadvanced\u002Fgo-concurrency","Go - 并发编程","Go 的并发是其核心特性之一，通过 Goroutine 和 Channel 实现。",{"path":149,"title":150,"description":151},"\u002Fgolang\u002Fadvanced\u002Fmemory","Go - 内存模型","理解 Go 的内存分配机制和内存模型。",{"path":153,"title":154,"description":155},"\u002Fgolang\u002Fadvanced\u002Fprofiling","Go - 性能分析","掌握 Go 的性能分析工具：pprof、trace、benchmark。",{"path":157,"title":158,"description":11},"\u002Fgolang\u002Fcore\u002Fgo-basic","Go - 基础语法",{"path":160,"title":161,"description":11},"\u002Fgolang\u002Fcore\u002Fgo-composite","Go - 复合类型",{"path":163,"title":164,"description":11},"\u002Fgolang\u002Fcore\u002Fgo-control","Go - 流程控制",{"path":166,"title":167,"description":168},"\u002Fgolang\u002Fcore\u002Fgo-error","Go - 错误处理","Go 使用显式的错误返回值来处理错误，而不是异常机制。",{"path":170,"title":171,"description":11},"\u002Fgolang\u002Fcore\u002Fgo-function","Go - 函数",{"path":173,"title":174,"description":11},"\u002Fgolang\u002Fcore\u002Fgo-install","Go - 环境搭建",{"path":176,"title":177,"description":11},"\u002Fgolang\u002Fcore\u002Fgo-interface","Go - 接口",{"path":179,"title":180,"description":181},"\u002Fgolang\u002Fcore\u002Fgo-module","Go - 包管理","Go Modules 是 Go 1.11 引入的官方依赖管理方案，Go 1.16 后成为默认模式。",{"path":183,"title":184,"description":185},"\u002Fgolang\u002Fdistributed\u002Fgrpc","Go - gRPC","gRPC 是 Google 开发的高性能 RPC 框架，使用 Protocol Buffers 作为序列化协议。",{"path":187,"title":188,"description":189},"\u002Fgolang\u002Fdistributed\u002Fmicroservice","Go - 微服务","微服务架构的核心组件：服务发现、负载均衡、熔断降级。",{"path":191,"title":192,"description":193},"\u002Fgolang\u002Fdistributed\u002Fmq","Go - 消息队列","使用 Go 操作 Kafka 和 RabbitMQ。",{"path":195,"title":196,"description":197},"\u002Fgolang\u002Fdistributed\u002Fredis","Go - Redis","使用 go-redis 操作 Redis，实现缓存、分布式锁等功能。",{"path":199,"title":200,"description":201},"\u002Fgolang\u002Fengineering\u002Fconfig","Go - 配置管理","使用 viper 进行配置管理，支持多种配置格式和配置中心。",{"path":203,"title":204,"description":205},"\u002Fgolang\u002Fengineering\u002Fdocker","Go - Docker 部署","使用 Docker 容器化部署 Go 应用。",{"path":207,"title":208,"description":209},"\u002Fgolang\u002Fengineering\u002Fkubernetes","Go - Kubernetes 部署","在 Kubernetes 上部署和管理 Go 应用。",{"path":211,"title":212,"description":213},"\u002Fgolang\u002Fengineering\u002Flogging","Go - 日志系统","使用 zap 和 logrus 构建高性能结构化日志系统。",{"path":215,"title":216,"description":217},"\u002Fgolang\u002Fengineering\u002Ftesting","Go - 单元测试","Go 内置了强大的测试框架，掌握测试是编写高质量代码的基础。",{"path":219,"title":220,"description":221},"\u002Fgolang\u002Fstdlib\u002Fbufio","bufio","在 Go 语言中，bufio 包提供了带缓冲的 I\u002FO 操作，能够提高读写性能。以下是一些常用的 bufio 包 API 及其详细说明：",{"path":223,"title":224,"description":225},"\u002Fgolang\u002Fstdlib\u002Fcontainer","container","在Go语言标准库中，container 包提供了几种常用的数据结构实现，这些数据结构对于高效地管理和操作数据非常有用。以下是 container 包中主要的数据结构：",{"path":227,"title":228,"description":229},"\u002Fgolang\u002Fstdlib\u002Fcrypto","crypto","在 Go 语言中，crypto 包提供了一组用于加密和解密的功能。以下是一些常用的 crypto 包及其子包的 API 及其详细说明：",{"path":231,"title":232,"description":233},"\u002Fgolang\u002Fstdlib\u002Fencoding-csv","encoding\u002Fcsv","在 Go 语言中，encoding\u002Fcsv 包提供了对 CSV（逗号分隔值）文件进行读写的功能。以下是一些常用的 encoding\u002Fcsv 包的 API 及其详细说明：",{"path":235,"title":236,"description":237},"\u002Fgolang\u002Fstdlib\u002Fencoding-json","encoding\u002Fjson","在 Go 语言中，encoding\u002Fjson 包提供了对 JSON 数据进行编码和解码的功能。以下是一些常用的 encoding\u002Fjson 包的 API 及其详细说明：",{"path":239,"title":240,"description":241},"\u002Fgolang\u002Fstdlib\u002Fencoding-xml","encoding\u002Fxml","在 Go 语言中，encoding\u002Fxml 包提供了对 XML 数据进行编码和解码的功能。以下是一些常用的 encoding\u002Fxml 包的 API 及其详细说明：",{"path":243,"title":244,"description":245},"\u002Fgolang\u002Fstdlib\u002Fflag","flag","在Go语言中，flag 包是用于处理命令行参数的标准库，它提供了一种简单而直接的方式来解析和使用命令行参数。下面是关于 flag 包的一些基本介绍和常用功能：",{"path":247,"title":248,"description":249},"\u002Fgolang\u002Fstdlib\u002Ffmt","fmt","在 Go 语言的标准库中，fmt 包是非常重要的，它提供了处理格式化输入和输出的基本工具。以下是一些 fmt 包内常用的API：",{"path":251,"title":252,"description":253},"\u002Fgolang\u002Fstdlib\u002Fhttp","net\u002Fhttp","在 Go 语言中，net\u002Fhttp 包提供了用于构建 HTTP 客户端和服务器的强大工具。以下是一些常用的 net\u002Fhttp 包的 API 及其详细说明：",{"path":255,"title":256,"description":257},"\u002Fgolang\u002Fstdlib\u002Fio","io","在 Go 语言中，io 包提供了基本的输入输出功能。以下是一些常用的 io 包的 API 及其详细说明：",{"path":259,"title":260,"description":261},"\u002Fgolang\u002Fstdlib\u002Flog","log","在 Go 语言中，log 包提供了简单的日志记录功能。以下是一些常用的 log 包的 API 及其详细说明：",{"path":263,"title":264,"description":265},"\u002Fgolang\u002Fstdlib\u002Fmath","math","在 Go 语言中，math 包提供了基本的数学函数和常量。以下是一些常用的 math 包的 API 及其详细说明：",{"path":267,"title":268,"description":11},"\u002Fgolang\u002Fstdlib\u002Fnet","net",{"path":270,"title":271,"description":272},"\u002Fgolang\u002Fstdlib\u002Fos","os","在Go语言中，os 包是一个非常重要且常用的标准库，它提供了与操作系统交互的功能，包括文件操作、环境变量管理、进程管理等。下面是一些 os 包中常用的功能和API：",{"path":274,"title":275,"description":276},"\u002Fgolang\u002Fstdlib\u002Fsort","order","在 Go 语言中，sort 包提供了对切片和用户定义的集合进行排序的函数。它实现了常见的排序算法，如快速排序（Quicksort）和堆排序（Heapsort），并且为自定义集合提供了接口，使得用户可以根据特定的需求进行排序。",{"path":278,"title":279,"description":280},"\u002Fgolang\u002Fstdlib\u002Fstrconv","strconv","在 Go 语言中，strconv 包提供了字符串和基本数据类型之间的转换函数，例如将整数转换为字符串、字符串转换为整数，以及其他类型之间的转换。这些功能非常有用，特别是在处理用户输入或从外部数据源读取数据时。",{"path":282,"title":283,"description":284},"\u002Fgolang\u002Fstdlib\u002Ftime","time","在 Go 语言中，time 包提供了处理时间和日期的功能。以下是一些常用的 time 包的 API 及其详细说明：",{"path":286,"title":287,"description":11},"\u002Fgolang\u002Fweb\u002Fgin\u002Ferror","Gin - 错误处理",{"path":289,"title":290,"description":11},"\u002Fgolang\u002Fweb\u002Fgin\u002Ffile","Gin - 文件处理",{"path":292,"title":293,"description":11},"\u002Fgolang\u002Fweb\u002Fgin\u002Fmiddleware","Gin - 中间件",{"path":295,"title":296,"description":297},"\u002Fgolang\u002Fweb\u002Fgin\u002Fquickstart","Gin - 快速开始","Gin 是目前最流行的 Go Web 框架，以高性能和简洁 API 著称。",{"path":299,"title":300,"description":11},"\u002Fgolang\u002Fweb\u002Fgin\u002Frequest","Gin - 请求处理",{"path":302,"title":303,"description":11},"\u002Fgolang\u002Fweb\u002Fgin\u002Fresponse","Gin - 响应处理",{"path":305,"title":306,"description":11},"\u002Fgolang\u002Fweb\u002Fgin\u002Frouter","Gin - 路由",{"path":308,"title":309,"description":11},"\u002Fgolang\u002Fweb\u002Fgin\u002Fvalidation","Gin - 参数校验",{"path":311,"title":312,"description":11},"\u002Fgolang\u002Fweb\u002Fgorm\u002Fassociation","GORM - 关联关系",{"path":314,"title":315,"description":11},"\u002Fgolang\u002Fweb\u002Fgorm\u002Fcrud","GORM - CRUD 操作",{"path":317,"title":318,"description":11},"\u002Fgolang\u002Fweb\u002Fgorm\u002Fmodel","GORM - 模型定义",{"path":320,"title":321,"description":11},"\u002Fgolang\u002Fweb\u002Fgorm\u002Fperformance","GORM - 日志与性能",{"path":323,"title":324,"description":11},"\u002Fgolang\u002Fweb\u002Fgorm\u002Fquery","GORM - 高级查询",{"path":326,"title":327,"description":328},"\u002Fgolang\u002Fweb\u002Fgorm\u002Fquickstart","GORM - 快速开始","GORM 是 Go 语言最流行的 ORM 库，功能强大，使用简单。",{"path":330,"title":331,"description":11},"\u002Fgolang\u002Fweb\u002Fgorm\u002Ftransaction","GORM - 事务与 Hook",{"path":333,"title":334,"description":335},"\u002Finterview\u002Fbasic","计算机基础面经","本章节汇总了面试中常见的通用技术概念，不局限于特定语言或数据库，是考察技术内功的关键考点。",{"path":337,"title":338,"description":339},"\u002Finterview\u002Fgolang","Golang 面试题","Go 语言面试高频考点，覆盖基础语法、数据结构、并发编程、内存管理、GC、调度器等核心知识。",{"path":341,"title":342,"description":343},"\u002Finterview\u002Fk8s","Kubernetes 面试题","Kubernetes（K8s）面试高频考点，覆盖架构原理、核心资源、网络存储、调度策略、运维监控等核心知识。",{"path":345,"title":346,"description":347},"\u002Finterview\u002Fmysql","MySQL 面试题","MySQL 数据库面试高频考点，覆盖索引、事务、锁、优化、主从复制等核心知识。",{"path":349,"title":350,"description":351},"\u002Finterview\u002Fredis","Redis 面试题","Redis 面试高频考点，覆盖数据结构、持久化、集群、缓存一致性、性能优化等核心知识。",{"path":353,"title":354,"description":355},"\u002Finterview\u002Frocketmq","RocketMQ 面试题","RocketMQ 面试高频考点，覆盖消息模型、可靠性、顺序消息、事务消息、存储与高可用等核心知识。",{"path":357,"title":358,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Flist-arraylist","List - ArrayList 源码解析",{"path":360,"title":361,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Flist-linkedlist","List - LinkedList 源码解析",{"path":363,"title":364,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Flist-stack","List - Satck源码解析",{"path":366,"title":367,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Flist-vectore","List - Vector 源码解析",{"path":369,"title":370,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Fmap-hashmap","Map - HashMap 源码解析",{"path":372,"title":373,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Fmap-linkedhashmap","Map - LinkedHashMap 源码解析",{"path":375,"title":376,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Fmap-treemap","Map - TreeMap 源码解析",{"path":378,"title":379,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Fqueue-deque","Queue - Deque 接口解析",{"path":381,"title":382,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Fqueue-queue","Queue - Queue 接口解析",{"path":384,"title":385,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Fset-hashset","Set - HashSet源码解析",{"path":387,"title":388,"description":11},"\u002Fother\u002Fjava\u002Fcollection\u002Fset-linkedhashset","Set - LinkedHashSet 源码解析",{"path":390,"title":391,"description":392},"\u002Fother\u002Fjava\u002Fcollection\u002Fset-treeset","Set - TreeSet源码解析","TreeSet 是一个 Set 集合接口的实现类，与 HashSet 类似，其底层也是通过维护了一个 TreeMap 对象来封装了一些实现方法，故本篇不再对 TreeSet 的底层原理进行详细说明，仅对常用 API 做简单介绍，如需了解 TreeMap 的底层实现原理，请移步 Map - HashMap 源码解析",{"path":394,"title":395,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Fannotation","Java核心 - 注解",{"path":397,"title":398,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Fbasic-grammar","Java核心 - 基础语法",{"path":400,"title":401,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Fclass-and-object","Java核心 - 面向对象",{"path":403,"title":404,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Fcommon-classes","Java核心 - 常用类",{"path":406,"title":407,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Fexception","Java核心 - 异常处理",{"path":409,"title":410,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Fgenerics","Java核心 - 泛型",{"path":412,"title":413,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Fjdk-env-path","Java核心 - 环境搭建",{"path":415,"title":416,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Freflection","Java核心 - 反射",{"path":418,"title":419,"description":11},"\u002Fother\u002Fjava\u002Fcore\u002Fstring","Java核心 - String 字符串",{"path":421,"title":422,"description":423},"\u002Fother\u002Fjava\u002Fio\u002Fbuffer-stream","Java IO - 缓冲流","缓冲流是对基本流的包装，通过内置缓冲区减少系统调用次数，大幅提升读写效率。",{"path":425,"title":426,"description":427},"\u002Fother\u002Fjava\u002Fio\u002Fbyte-stream","Java IO - 字节流","字节流是 Java IO 中最基本的流类型，以字节（byte）为单位进行数据读写，可以处理任意类型的文件。",{"path":429,"title":430,"description":431},"\u002Fother\u002Fjava\u002Fio\u002Fchar-stream","Java IO - 字符流","字符流以字符为单位进行读写，专门用于处理文本文件。相比字节流，字符流能够正确处理字符编码，避免中文乱码问题。",{"path":433,"title":434,"description":11},"\u002Fother\u002Fjava\u002Fio\u002Ffile","Java IO - File 类",{"path":436,"title":437,"description":11},"\u002Fother\u002Fjava\u002Fio\u002Fio-stream-system","Java IO - IO流概述",{"path":439,"title":440,"description":441},"\u002Fother\u002Fjava\u002Fio\u002Fnio","Java IO - NIO","NIO（New IO）是 JDK 1.4 引入的新 IO 模型，提供了更高效的 IO 操作方式，支持非阻塞 IO 和多路复用。",{"path":443,"title":444,"description":445},"\u002Fother\u002Fjava\u002Fjvm\u002Fclass-loading","类加载机制","类加载机制是 JVM 将 .class 文件加载到内存，并对数据进行校验、转换解析和初始化，最终形成可被 JVM 直接使用的 Java 类型的过程。",{"path":447,"title":448,"description":449},"\u002Fother\u002Fjava\u002Fjvm\u002Fgarbage-collection","垃圾回收","垃圾回收（Garbage Collection，GC）是 JVM 自动管理内存的机制，负责回收不再使用的对象所占用的内存。",{"path":451,"title":452,"description":453},"\u002Fother\u002Fjava\u002Fjvm\u002Fjvm-memory","JVM 内存结构","JVM 在执行 Java 程序时，会把它管理的内存划分为若干个不同的数据区域。这些区域有各自的用途、创建和销毁时间。",{"path":455,"title":456,"description":457},"\u002Fother\u002Fjava\u002Fjvm\u002Fjvm-tuning","JVM 调优","JVM 调优是优化 Java 应用性能的重要手段，主要包括参数配置、性能监控和问题排查。",{"path":459,"title":460,"description":461},"\u002Fother\u002Fjava\u002Fthread\u002Fatomic","原子类","Java 原子类（Atomic Classes）提供了一种无锁的线程安全方式，基于 CAS（Compare-And-Swap）操作实现。",{"path":463,"title":464,"description":465},"\u002Fother\u002Fjava\u002Fthread\u002Fcompletable-future","CompletableFuture","CompletableFuture 是 JDK 8 引入的异步编程工具，实现了 Future 和 CompletionStage 接口，支持函数式编程和链式调用。",{"path":467,"title":468,"description":469},"\u002Fother\u002Fjava\u002Fthread\u002Fconcurrent-collections","并发集合","Java 并发包提供了多种线程安全的集合类，用于替代传统的同步集合（如 Collections.synchronizedList）。",{"path":471,"title":472,"description":473},"\u002Fother\u002Fjava\u002Fthread\u002Fconcurrent-utils","并发工具类","Java 并发包提供了多种实用的并发工具类，用于控制线程之间的协调与同步。",{"path":475,"title":476,"description":11},"\u002Fother\u002Fjava\u002Fthread\u002Fsynchronized-lock","同步机制",{"path":478,"title":479,"description":11},"\u002Fother\u002Fjava\u002Fthread\u002Fthread-basic","线程基础",{"path":481,"title":482,"description":11},"\u002Fother\u002Fjava\u002Fthread\u002Fthread-pool","线程池",{"path":484,"title":485,"description":486},"\u002Fother\u002Fspring-series\u002Fspring\u002Fannotations-beans","Spring - 基于注解管理Bean","从 Java 5 开始，Java 增加了对注解（Annotation）的支持，它是代码中的一种特殊标记，可以在编译、类加载和运行时被读取，执行相应的处理。开发人员可以通过注解在不改变原有代码和逻辑的情况下，在源代码中嵌入补充信息。",{"path":488,"title":489,"description":490},"\u002Fother\u002Fspring-series\u002Fspring\u002Fimplement-ioc","Spring - 原理手写IoC","Spring 框架的 IOC 是基于 Java 反射机制实现的，在学习手写 IoC 之前，你需要具备一定的 Java 反射相关的知识，参考本站内的 Java 教程。",{"path":492,"title":493,"description":11},"\u002Fother\u002Fspring-series\u002Fspring\u002Fintroduction-case","Spring - 入门案例",{"path":495,"title":496,"description":11},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-aop","Spring - 面向切面AOP",{"path":498,"title":499,"description":11},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-aot","Spring - AOT提前编译",{"path":501,"title":502,"description":503},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-data-validation","Spring - 数据校验","在开发中，我们经常遇到参数校验的需求，比如用户注册的时候，要校验用户名不能为空、用户名长度不超过20个字符、手机号是合法的手机号格式等等。如果使用普通方式，我们会把校验的代码和真正的业务处理逻辑耦合在一起，而且如果未来要新增一种校验逻辑也需要在修改多个地方。而spring validation允许通过注解的方式来定义对象校验规则，把校验和业务逻辑分离开，让代码编写更加方便。Spring Validation其实就是对Hibernate Validator进一步的封装，方便在Spring中使用。",{"path":505,"title":506,"description":11},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-i18n","Spring - 国际化i18n",{"path":508,"title":509,"description":510},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-ioc","Spring - IOC容器","IoC 是 Inversion of Control 的简写，译为“控制反转”，它不是一门技术，而是一种设计思想，是一个重要的面向对象编程法则，能够指导我们如何设计出松耦合、更优良的程序。",{"path":512,"title":513,"description":514},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-junit","Spring - 单元测试JUnit","在之前的测试方法中，几乎都能看到以下的两行代码：",{"path":516,"title":517,"description":11},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-resources","Spring - 资源操作",{"path":519,"title":520,"description":11},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-summarize","Spring - Spring概述",{"path":522,"title":523,"description":11},"\u002Fother\u002Fspring-series\u002Fspring\u002Fspring-transaction","Spring - 事务",{"path":525,"title":526,"description":11},"\u002Fother\u002Fspring-series\u002Fspring\u002Fxml-beans","Spring - 基于XML管理Bean",{"path":528,"title":529,"description":11},"\u002Fother\u002Fspring-series\u002Fspringboot\u002Fspringboot-config","SpringBoot - 配置详解",{"path":531,"title":532,"description":11},"\u002Fother\u002Fspring-series\u002Fspringboot\u002Fspringboot-data","SpringBoot - 数据访问",{"path":534,"title":535,"description":11},"\u002Fother\u002Fspring-series\u002Fspringboot\u002Fspringboot-quickstart","SpringBoot - 快速入门",{"path":537,"title":538,"description":11},"\u002Fother\u002Fspring-series\u002Fspringboot\u002Fspringboot-web","SpringBoot - Web 开发",{"path":540,"title":541,"description":11},"\u002Fother\u002Fspring-series\u002Fspringcloud\u002Fspringcloud-config","SpringCloud - 配置中心",{"path":543,"title":544,"description":11},"\u002Fother\u002Fspring-series\u002Fspringcloud\u002Fspringcloud-discovery","SpringCloud - 服务注册与发现",{"path":546,"title":547,"description":11},"\u002Fother\u002Fspring-series\u002Fspringcloud\u002Fspringcloud-feign","SpringCloud - 服务调用",{"path":549,"title":550,"description":11},"\u002Fother\u002Fspring-series\u002Fspringcloud\u002Fspringcloud-gateway","SpringCloud - 服务网关",{"path":552,"title":553,"description":11},"\u002Fother\u002Fspring-series\u002Fspringcloud\u002Fspringcloud-introduction","SpringCloud - 微服务概述",{"path":555,"title":556,"description":11},"\u002Fother\u002Fspring-series\u002Fspringcloud\u002Fspringcloud-sentinel","SpringCloud - 服务保护",{"path":558,"title":559,"description":11},"\u002Fother\u002Fspring-series\u002Fspringmvc\u002Fspringmvc-databind","SpringMVC - 数据绑定与转换",{"path":561,"title":562,"description":11},"\u002Fother\u002Fspring-series\u002Fspringmvc\u002Fspringmvc-exception","SpringMVC - 异常处理",{"path":564,"title":565,"description":11},"\u002Fother\u002Fspring-series\u002Fspringmvc\u002Fspringmvc-interceptor","SpringMVC - 拦截器",{"path":567,"title":568,"description":11},"\u002Fother\u002Fspring-series\u002Fspringmvc\u002Fspringmvc-introduction","SpringMVC - 简介与环境搭建",{"path":570,"title":571,"description":11},"\u002Fother\u002Fspring-series\u002Fspringmvc\u002Fspringmvc-request","SpringMVC - 请求处理",{"path":573,"title":574,"description":11},"\u002Fother\u002Fspring-series\u002Fspringmvc\u002Fspringmvc-response","SpringMVC - 响应处理",{"path":576,"title":577,"description":578},"\u002Fproject\u002Frocket-leaf\u002Farchitecture","项目架构","Rocket-Leaf 的目录结构、模块划分、数据流向，以及各层之间的依赖关系。",{"path":580,"title":581,"description":582},"\u002Fproject\u002Frocket-leaf\u002Fbackend-layers","后端分层设计","Rocket-Leaf 的 model \u002F rocketmq \u002F service 三层结构，以及服务之间的依赖关系与设计取舍。",{"path":584,"title":585,"description":586},"\u002Fproject\u002Frocket-leaf\u002Fclient-manager","RocketMQ 客户端管理器","AdminClientManager 的多客户端池、默认连接懒加载、自动重连重试的设计与实现。",{"path":588,"title":589,"description":590},"\u002Fproject\u002Frocket-leaf\u002Fencryption","连接信息加密存储","AES-256-GCM + SHA-256 字段级派生密钥的实现，以及如何在不破坏兼容性的前提下为历史明文数据做透明迁移。",{"path":592,"title":593,"description":594},"\u002Fproject\u002Frocket-leaf\u002Ffrontend","前端结构与类型绑定","React + Vite 目录组织、自动生成的 Wails 绑定、api 薄封装与自定义 hooks 的职责划分。",{"path":596,"title":597,"description":598},"\u002Fproject\u002Frocket-leaf","项目简介","Rocket-Leaf 是一款基于 Wails v3 构建的跨平台 RocketMQ 桌面管理客户端，Go 后端 + React 前端。本文档系列拆解它的架构与关键实现。",{"path":600,"title":601,"description":602},"\u002Fproject\u002Frocket-leaf\u002Fwails-v3","Wails v3 入门","Wails v3 的核心概念、Service 绑定机制，以及 Rocket-Leaf 是如何用它把 Go 后端和 React 前端打通的。",{"path":604,"title":605,"description":11},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-basic","Docker - 入门基础",{"path":607,"title":608,"description":609},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-compose","Docker - Compose","在部署应用时，常常使用到不止一个容器，那么在部署容器的时候就需要一个一个进行部署，这样的部署过程也相对来说比较繁琐复杂，也容易出问题，那么有没有一种更为简单的方法呢？",{"path":611,"title":612,"description":613},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-container-connection","Docker - 容器互联","在上一个章节中我们学习了 Docker 容器的端口映射，可以将 Docker 容器和本地以及网络中的端口进行连接起来。",{"path":615,"title":616,"description":11},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-dockerfile","Docker - Dockerfile",{"path":618,"title":619,"description":11},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-helloworld","Docker - HelloWorld",{"path":621,"title":622,"description":11},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-install","Docker - 安装",{"path":624,"title":625,"description":11},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-introduce","Docker - 简介",{"path":627,"title":628,"description":11},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-object","Docker - 镜像、容器、仓库",{"path":630,"title":631,"description":632},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-warehouse","Docker - 仓库管理","仓库是集中存放资源的地方，代码仓库是存放代码的，那么Docker 中的仓库就是存放 Docker 镜像的。",{"path":634,"title":635,"description":636},"\u002Ftutorials\u002Fcloud\u002Fdocker\u002Fdocker-web-containers","Docker - WEB应用实例","在之前的章节中，仅对普通容器进行了演示，但在实际中常常使用到 Docker 容器中的 WEB 应用程序。",{"path":638,"title":639,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-config","Kubernetes - ConfigMap 与 Secret",{"path":641,"title":642,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-helm","Kubernetes - Helm 包管理",{"path":644,"title":645,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-install","Kubernetes - 集群安装",{"path":647,"title":648,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-introduction","Kubernetes - 简介与架构",{"path":650,"title":651,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-kubectl","Kubernetes - kubectl 命令行工具",{"path":653,"title":654,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-monitoring","Kubernetes - 监控与日志",{"path":656,"title":657,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-network-security","Kubernetes - 网络与安全",{"path":659,"title":660,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-service","Kubernetes - Service 与 Ingress",{"path":662,"title":663,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-storage","Kubernetes - 持久化存储",{"path":665,"title":666,"description":11},"\u002Ftutorials\u002Fcloud\u002Fkubernetes\u002Fk8s-workload","Kubernetes - 工作负载资源",{"path":668,"title":669,"description":11},"\u002Ftutorials\u002Fcloud\u002Flinux\u002Flinux-bash","Linux - Bash 基础语法",{"path":671,"title":672,"description":11},"\u002Ftutorials\u002Fcloud\u002Flinux\u002Flinux-file-directory","Linux - 文件与目录操作",{"path":674,"title":675,"description":11},"\u002Ftutorials\u002Fcloud\u002Flinux\u002Flinux-network","Linux - 网络配置",{"path":677,"title":678,"description":11},"\u002Ftutorials\u002Fcloud\u002Flinux\u002Flinux-package","Linux - 软件包管理",{"path":680,"title":681,"description":11},"\u002Ftutorials\u002Fcloud\u002Flinux\u002Flinux-process","Linux - 进程管理",{"path":683,"title":684,"description":11},"\u002Ftutorials\u002Fcloud\u002Flinux\u002Flinux-scripts","Linux - 常用脚本示例",{"path":686,"title":687,"description":11},"\u002Ftutorials\u002Fcloud\u002Flinux\u002Flinux-service","Linux - 服务管理",{"path":689,"title":690,"description":11},"\u002Ftutorials\u002Fcloud\u002Flinux\u002Flinux-user-permission","Linux - 用户与权限管理",{"path":692,"title":693,"description":11},"\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-https","Nginx - HTTPS 配置",{"path":695,"title":696,"description":11},"\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-install","Nginx - 安装与配置",{"path":698,"title":699,"description":11},"\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-loadbalance","Nginx - 负载均衡",{"path":701,"title":702,"description":11},"\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-optimization","Nginx - 性能优化",{"path":704,"title":705,"description":11},"\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-proxy","Nginx - 反向代理",{"path":707,"title":708,"description":11},"\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-static","Nginx - 静态资源服务",{"path":710,"title":711,"description":11},"\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-vhost","Nginx - 虚拟主机配置",{"path":713,"title":714,"description":715},"\u002Ftutorials\u002Fdatabase\u002Fmysql\u002Fmysql-architecture","MySQL 高可用架构","主从复制、读写分离、分库分表。",{"path":717,"title":718,"description":719},"\u002Ftutorials\u002Fdatabase\u002Fmysql\u002Fmysql-index","MySQL 索引","索引是帮助 MySQL 高效获取数据的有序数据结构。",{"path":721,"title":722,"description":723},"\u002Ftutorials\u002Fdatabase\u002Fmysql\u002Fmysql-lock","MySQL 锁","锁用于解决并发访问时的数据一致性问题。",{"path":725,"title":726,"description":727},"\u002Ftutorials\u002Fdatabase\u002Fmysql\u002Fmysql-optimize","MySQL 性能优化","SQL 优化是后端开发必备技能。",{"path":729,"title":730,"description":731},"\u002Ftutorials\u002Fdatabase\u002Fmysql\u002Fmysql-transaction","MySQL 事务","事务是一组不可分割的操作，要么全部成功，要么全部失败。",{"path":733,"title":734,"description":735},"\u002Ftutorials\u002Fdatabase\u002Fmysql\u002Fsql-advanced","SQL 进阶","多表查询、子查询、函数、视图、存储过程。",{"path":737,"title":738,"description":739},"\u002Ftutorials\u002Fdatabase\u002Fmysql\u002Fsql-basic","SQL 基础","SQL（Structured Query Language）是操作关系型数据库的标准语言。",{"path":741,"title":742,"description":743},"\u002Ftutorials\u002Fdatabase\u002Fredis\u002Fredis-advanced","Redis 进阶功能","事务、发布订阅、Lua 脚本、Pipeline。",{"path":745,"title":746,"description":747},"\u002Ftutorials\u002Fdatabase\u002Fredis\u002Fredis-basic","Redis 基础","Redis 安装配置与基本命令。",{"path":749,"title":750,"description":751},"\u002Ftutorials\u002Fdatabase\u002Fredis\u002Fredis-cluster","Redis 高可用","主从复制、哨兵、Cluster 集群。",{"path":753,"title":754,"description":755},"\u002Ftutorials\u002Fdatabase\u002Fredis\u002Fredis-datatype","Redis 数据类型","Redis 5 种基本数据类型 + 4 种特殊类型。",{"path":757,"title":758,"description":759},"\u002Ftutorials\u002Fdatabase\u002Fredis\u002Fredis-optimize","Redis 性能优化","内存优化、缓存问题、最佳实践。",{"path":761,"title":762,"description":763},"\u002Ftutorials\u002Fdatabase\u002Fredis\u002Fredis-persistence","Redis 持久化","Redis 提供 RDB 和 AOF 两种持久化方式。",{"path":765,"title":766,"description":767},"\u002Ftutorials\u002Fdatabase\u002Fredis\u002Fredis-principle","Redis 底层原理","数据结构、线程模型、网络模型。",{"path":769,"title":770,"description":771},"\u002Ftutorials\u002Fdev-idea\u002Fdesign-patterns\u002Fbehaiver-patterns\u002Fobserver-pattern","观察者模式","观察者模式属于行为型模式，定义了对象之间的一对多的依赖关系，在这种模式中，当一个对象的状态发生变化时，所有依赖于它的对象都会得到通知，并且执行相关操作。观察者模式又被成为“发布—订阅模式”，即发布者发生改变后，会通知所有订阅者。",{"path":773,"title":774,"description":11},"\u002Ftutorials\u002Fdev-idea\u002Fdesign-patterns\u002Fcreate-patterns\u002Ffactory-pattern","工厂模式",{"path":776,"title":777,"description":778},"\u002Ftutorials\u002Fdev-idea\u002Fdesign-patterns\u002Fcreate-patterns\u002Fsingleton-pattern","单例模式","单例模式是最常用的设计模式之一，他可以保证在整个应用中，某个类只存在一个实例化对象，即全局使用到该类的只有一个对象，这种模式在需要限制某些类的实例数量时非常有用，通常全局只需要一个该对象即可，如一些配置文件映射对象、数据库连接对象等。",{"path":780,"title":781,"description":782},"\u002Ftutorials\u002Fdev-idea\u002Fdesign-patterns\u002Fstructural-patterns\u002Fadapter-pattern","适配器模式","适配器模式是一种结构型模式，可以将一个类的接口转换成客户端所期望的另一种接口，适配器模式可以帮助开发人员在不修改现有代码的情况下，将不兼容的类组合在一起。",{"path":784,"title":785,"description":786},"\u002Ftutorials\u002Fdev-tools\u002Fgit\u002Fgit-basic-operations","Git 创建版本库","在 Git 上创建版本库有两种方式，一种是直接拷贝远程 Git 仓库到本地，另外一种是我们自己创建本地的版本库。",{"path":788,"title":789,"description":11},"\u002Ftutorials\u002Fdev-tools\u002Fgit\u002Fgit-branch-manage","Git 分支管理",{"path":791,"title":792,"description":11},"\u002Ftutorials\u002Fdev-tools\u002Fgit\u002Fgit-content-operations","Git 仓库内容操作",{"path":794,"title":795,"description":11},"\u002Ftutorials\u002Fdev-tools\u002Fgit\u002Fgit-introduce-install","Git 介绍和安装",{"path":797,"title":798,"description":11},"\u002Ftutorials\u002Fdev-tools\u002Fgit\u002Fgit-remote-manage","Git 远程管理",{"path":800,"title":801,"description":11},"\u002Ftutorials\u002Fdev-tools\u002Fgit\u002Fgit-workspace-index-repo","Git 工作原理",{"path":803,"title":804,"description":11},"\u002Ftutorials\u002Fdev-tools\u002Fhomebrew","HomeBrew 教程",{"path":806,"title":807,"description":11},"\u002Ftutorials\u002Fdev-tools\u002Fidea\u002Fshortcuts","快捷键",{"path":809,"title":810,"description":11},"\u002Ftutorials\u002Fdev-tools\u002Fmaven\u002Fintroduce-install-config","Maven - 介绍、安装、配置",{"path":812,"title":813,"description":11},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Fbasic-knowledge","2. 基础知识",{"path":815,"title":816,"description":817},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Fcomponent-communication","9. 组件通信","在前面的章节内，介绍了 Vue 中最核心的内容——组件的介绍和使用，和 Java 等编程语言相反，组件并不近似于这些变成语言中的类，类可以通过类或者其实例化的对象来相互交互，但 Vue 组件之间的作用域是相互独立的，这就意味着不同组件之间的数据无法相互引用。",{"path":819,"title":820,"description":821},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Fcomputed","4. 计算属性","虽然直接在模板中使用表达式方便，但是如果在模板中添加很多逻辑，会让模板变的臃肿且难维护，耦合度较高。有没有一种简单的方式来实现呢？答案是有的。",{"path":823,"title":824,"description":11},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Fcreate-vue-project","1. 环境搭建及安装",{"path":826,"title":827,"description":828},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Flife-cycle","6. 生命周期","生命周期是指组件从创建、挂载、更新到销毁的整个过程中所经历的一系列阶段。在 Vue 中，每个组件都有自己的生命周期，可以通过生命周期钩子函数来监听和处理组件在不同阶段的行为和状态。",{"path":830,"title":831,"description":11},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Fother-api","10. 其他 API",{"path":833,"title":834,"description":11},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Fpinia","8. Pinia",{"path":836,"title":837,"description":11},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Frouter","7. 路由",{"path":839,"title":840,"description":11},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Ftemplate-grammar","3. 指令及模板语法",{"path":842,"title":843,"description":11},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Fvue3-new-component","11. Vue3 新组件",{"path":845,"title":846,"description":847},"\u002Ftutorials\u002Ffront-end\u002Fvue3\u002Fwatch","5. 监视","Watch 是 Vue 提供的一个用于监视响应式数据变化并执行相应操作的 API，能够对响应式数据的变化做出一些操作的功能。Vue3 中的 Watch 支持多种用法，包括监视响应式对象、ref 对象、数组、函数等。",{"path":849,"title":850,"description":11},"\u002Ftutorials\u002Fmq\u002Fkafka\u002Fkafka-introduction","Kafka 简介与安装",{"path":852,"title":853,"description":11},"\u002Ftutorials\u002Fmq\u002Fkafka\u002Fkafka-producer-consumer","Kafka 生产者与消费者",{"path":855,"title":856,"description":857},"\u002Ftutorials\u002Fmq\u002Fkafka\u002Fkafka-springboot","Spring Boot 整合 Kafka","Spring Kafka 提供了对 Apache Kafka 的便捷集成。",{"path":859,"title":860,"description":861},"\u002Ftutorials\u002Fmq\u002Frabbitmq\u002Frabbitmq-exchange","RabbitMQ Exchange 详解","Exchange（交换机）是 RabbitMQ 的核心组件，负责接收生产者发送的消息，并根据规则将消息路由到一个或多个队列。",{"path":863,"title":864,"description":11},"\u002Ftutorials\u002Fmq\u002Frabbitmq\u002Frabbitmq-introduction","RabbitMQ 简介与安装",{"path":866,"title":867,"description":868},"\u002Ftutorials\u002Fmq\u002Frabbitmq\u002Frabbitmq-reliability","RabbitMQ 消息可靠性","消息可靠性是消息队列的核心要求，RabbitMQ 提供了多种机制来保证消息不丢失。",{"path":870,"title":871,"description":872},"\u002Ftutorials\u002Fmq\u002Frabbitmq\u002Frabbitmq-springboot","Spring Boot 整合 RabbitMQ","Spring AMQP 提供了对 RabbitMQ 的便捷集成，大大简化了开发工作。",{"path":874,"title":875,"description":11},"\u002Ftutorials\u002Fmq\u002Frocketmq\u002Frocketmq-client","RocketMQ 客户端使用",{"path":877,"title":878,"description":11},"\u002Ftutorials\u002Fmq\u002Frocketmq\u002Frocketmq-concepts","RocketMQ 核心概念",{"path":880,"title":881,"description":11},"\u002Ftutorials\u002Fmq\u002Frocketmq\u002Frocketmq-installation","RocketMQ 安装部署",{"path":883,"title":884,"description":885},"\u002Ftutorials\u002Fmq\u002Frocketmq\u002Frocketmq-message-type","RocketMQ 消息类型","RocketMQ 支持多种消息类型，满足不同业务场景需求。",{"id":887,"title":693,"body":888,"description":11,"extension":3828,"meta":3829,"navigation":1016,"path":692,"seo":3830,"stem":3831,"__hash__":3832},"docs\u002Ftutorials\u002Fcloud\u002Fnginx\u002Fnginx-https.md",{"type":889,"value":890,"toc":3786},"minimark",[891,895,899,904,965,968,972,1157,1161,1164,1298,1301,1309,1312,1315,1408,1411,1415,1588,1592,1895,1899,1902,1933,1936,1989,1992,2019,2022,2079,2083,2086,2145,2149,2152,2219,2224,2227,2231,2253,2256,2278,2281,2402,2405,2408,2504,2534,2537,2600,2603,2606,2667,2670,2731,2735,2856,2860,2864,2953,2956,2991,2995,3171,3175,3178,3198,3201,3347,3350,3716,3719,3778,3782],[892,893,894],"h2",{"id":894},"概述",[896,897,898],"p",{},"HTTPS（HTTP Secure）通过 SSL\u002FTLS 加密 HTTP 通信，保护数据传输安全。配置 HTTPS 是现代网站的标准要求。",[900,901,903],"h3",{"id":902},"https-的优势","HTTPS 的优势",[905,906,907,921],"table",{},[908,909,910],"thead",{},[911,912,913,918],"tr",{},[914,915,917],"th",{"align":916},"left","优势",[914,919,920],{"align":916},"说明",[922,923,924,933,941,949,957],"tbody",{},[911,925,926,930],{},[927,928,929],"td",{"align":916},"数据加密",[927,931,932],{"align":916},"防止数据在传输中被窃听",[911,934,935,938],{},[927,936,937],{"align":916},"身份验证",[927,939,940],{"align":916},"确认服务器身份，防止钓鱼",[911,942,943,946],{},[927,944,945],{"align":916},"数据完整性",[927,947,948],{"align":916},"防止数据在传输中被篡改",[911,950,951,954],{},[927,952,953],{"align":916},"SEO 加分",[927,955,956],{"align":916},"搜索引擎对 HTTPS 网站有加分",[911,958,959,962],{},[927,960,961],{"align":916},"浏览器信任",[927,963,964],{"align":916},"避免\"不安全\"警告",[892,966,967],{"id":967},"证书获取",[900,969,971],{"id":970},"自签名证书测试用","自签名证书（测试用）",[973,974,978],"pre",{"className":975,"code":976,"language":977,"meta":11,"style":11},"language-bash shiki shiki-themes github-light github-light github-dark","# 生成私钥\nopenssl genrsa -out server.key 2048\n\n# 生成证书签名请求\nopenssl req -new -key server.key -out server.csr\n\n# 生成自签名证书\nopenssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt\n\n# 或者一步生成\nopenssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\n  -keyout \u002Fetc\u002Fnginx\u002Fssl\u002Fserver.key \\\n  -out \u002Fetc\u002Fnginx\u002Fssl\u002Fserver.crt \\\n  -subj \"\u002FC=CN\u002FST=Beijing\u002FL=Beijing\u002FO=Example\u002FCN=example.com\"\n","bash",[979,980,981,990,1011,1018,1024,1045,1050,1056,1089,1094,1100,1126,1137,1148],"code",{"__ignoreMap":11},[982,983,986],"span",{"class":984,"line":985},"line",1,[982,987,989],{"class":988},"sCsY4","# 生成私钥\n",[982,991,993,997,1001,1005,1008],{"class":984,"line":992},2,[982,994,996],{"class":995},"snPdu","openssl",[982,998,1000],{"class":999},"sIIMD"," genrsa",[982,1002,1004],{"class":1003},"sBjJW"," -out",[982,1006,1007],{"class":999}," server.key",[982,1009,1010],{"class":1003}," 2048\n",[982,1012,1014],{"class":984,"line":1013},3,[982,1015,1017],{"emptyLinePlaceholder":1016},true,"\n",[982,1019,1021],{"class":984,"line":1020},4,[982,1022,1023],{"class":988},"# 生成证书签名请求\n",[982,1025,1027,1029,1032,1035,1038,1040,1042],{"class":984,"line":1026},5,[982,1028,996],{"class":995},[982,1030,1031],{"class":999}," req",[982,1033,1034],{"class":1003}," -new",[982,1036,1037],{"class":1003}," -key",[982,1039,1007],{"class":999},[982,1041,1004],{"class":1003},[982,1043,1044],{"class":999}," server.csr\n",[982,1046,1048],{"class":984,"line":1047},6,[982,1049,1017],{"emptyLinePlaceholder":1016},[982,1051,1053],{"class":984,"line":1052},7,[982,1054,1055],{"class":988},"# 生成自签名证书\n",[982,1057,1059,1061,1064,1067,1070,1073,1076,1079,1082,1084,1086],{"class":984,"line":1058},8,[982,1060,996],{"class":995},[982,1062,1063],{"class":999}," x509",[982,1065,1066],{"class":1003}," -req",[982,1068,1069],{"class":1003}," -days",[982,1071,1072],{"class":1003}," 365",[982,1074,1075],{"class":1003}," -in",[982,1077,1078],{"class":999}," server.csr",[982,1080,1081],{"class":1003}," -signkey",[982,1083,1007],{"class":999},[982,1085,1004],{"class":1003},[982,1087,1088],{"class":999}," server.crt\n",[982,1090,1092],{"class":984,"line":1091},9,[982,1093,1017],{"emptyLinePlaceholder":1016},[982,1095,1097],{"class":984,"line":1096},10,[982,1098,1099],{"class":988},"# 或者一步生成\n",[982,1101,1103,1105,1107,1110,1113,1115,1117,1120,1123],{"class":984,"line":1102},11,[982,1104,996],{"class":995},[982,1106,1031],{"class":999},[982,1108,1109],{"class":1003}," -x509",[982,1111,1112],{"class":1003}," -nodes",[982,1114,1069],{"class":1003},[982,1116,1072],{"class":1003},[982,1118,1119],{"class":1003}," -newkey",[982,1121,1122],{"class":999}," rsa:2048",[982,1124,1125],{"class":1003}," \\\n",[982,1127,1129,1132,1135],{"class":984,"line":1128},12,[982,1130,1131],{"class":1003},"  -keyout",[982,1133,1134],{"class":999}," \u002Fetc\u002Fnginx\u002Fssl\u002Fserver.key",[982,1136,1125],{"class":1003},[982,1138,1140,1143,1146],{"class":984,"line":1139},13,[982,1141,1142],{"class":1003},"  -out",[982,1144,1145],{"class":999}," \u002Fetc\u002Fnginx\u002Fssl\u002Fserver.crt",[982,1147,1125],{"class":1003},[982,1149,1151,1154],{"class":984,"line":1150},14,[982,1152,1153],{"class":1003},"  -subj",[982,1155,1156],{"class":999}," \"\u002FC=CN\u002FST=Beijing\u002FL=Beijing\u002FO=Example\u002FCN=example.com\"\n",[900,1158,1160],{"id":1159},"lets-encrypt免费证书","Let's Encrypt（免费证书）",[896,1162,1163],{},"使用 Certbot 自动获取和续期证书：",[973,1165,1167],{"className":975,"code":1166,"language":977,"meta":11,"style":11},"# 安装 Certbot\nsudo apt install certbot python3-certbot-nginx -y\n\n# 获取证书（自动配置 Nginx）\nsudo certbot --nginx -d example.com -d www.example.com\n\n# 仅获取证书（手动配置）\nsudo certbot certonly --webroot -w \u002Fvar\u002Fwww\u002Fhtml -d example.com\n\n# 测试自动续期\nsudo certbot renew --dry-run\n\n# 设置自动续期（通常已自动配置）\nsudo systemctl enable certbot.timer\n",[979,1168,1169,1174,1194,1198,1203,1223,1227,1232,1255,1259,1264,1276,1280,1285],{"__ignoreMap":11},[982,1170,1171],{"class":984,"line":985},[982,1172,1173],{"class":988},"# 安装 Certbot\n",[982,1175,1176,1179,1182,1185,1188,1191],{"class":984,"line":992},[982,1177,1178],{"class":995},"sudo",[982,1180,1181],{"class":999}," apt",[982,1183,1184],{"class":999}," install",[982,1186,1187],{"class":999}," certbot",[982,1189,1190],{"class":999}," python3-certbot-nginx",[982,1192,1193],{"class":1003}," -y\n",[982,1195,1196],{"class":984,"line":1013},[982,1197,1017],{"emptyLinePlaceholder":1016},[982,1199,1200],{"class":984,"line":1020},[982,1201,1202],{"class":988},"# 获取证书（自动配置 Nginx）\n",[982,1204,1205,1207,1209,1212,1215,1218,1220],{"class":984,"line":1026},[982,1206,1178],{"class":995},[982,1208,1187],{"class":999},[982,1210,1211],{"class":1003}," --nginx",[982,1213,1214],{"class":1003}," -d",[982,1216,1217],{"class":999}," example.com",[982,1219,1214],{"class":1003},[982,1221,1222],{"class":999}," www.example.com\n",[982,1224,1225],{"class":984,"line":1047},[982,1226,1017],{"emptyLinePlaceholder":1016},[982,1228,1229],{"class":984,"line":1052},[982,1230,1231],{"class":988},"# 仅获取证书（手动配置）\n",[982,1233,1234,1236,1238,1241,1244,1247,1250,1252],{"class":984,"line":1058},[982,1235,1178],{"class":995},[982,1237,1187],{"class":999},[982,1239,1240],{"class":999}," certonly",[982,1242,1243],{"class":1003}," --webroot",[982,1245,1246],{"class":1003}," -w",[982,1248,1249],{"class":999}," \u002Fvar\u002Fwww\u002Fhtml",[982,1251,1214],{"class":1003},[982,1253,1254],{"class":999}," example.com\n",[982,1256,1257],{"class":984,"line":1091},[982,1258,1017],{"emptyLinePlaceholder":1016},[982,1260,1261],{"class":984,"line":1096},[982,1262,1263],{"class":988},"# 测试自动续期\n",[982,1265,1266,1268,1270,1273],{"class":984,"line":1102},[982,1267,1178],{"class":995},[982,1269,1187],{"class":999},[982,1271,1272],{"class":999}," renew",[982,1274,1275],{"class":1003}," --dry-run\n",[982,1277,1278],{"class":984,"line":1128},[982,1279,1017],{"emptyLinePlaceholder":1016},[982,1281,1282],{"class":984,"line":1139},[982,1283,1284],{"class":988},"# 设置自动续期（通常已自动配置）\n",[982,1286,1287,1289,1292,1295],{"class":984,"line":1150},[982,1288,1178],{"class":995},[982,1290,1291],{"class":999}," systemctl",[982,1293,1294],{"class":999}," enable",[982,1296,1297],{"class":999}," certbot.timer\n",[896,1299,1300],{},"证书位置：",[973,1302,1307],{"className":1303,"code":1305,"language":1306},[1304],"language-text","\u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002F\n├── fullchain.pem   # 证书链\n├── privkey.pem     # 私钥\n├── cert.pem        # 证书\n└── chain.pem       # 中间证书\n","text",[979,1308,1305],{"__ignoreMap":11},[900,1310,1311],{"id":1311},"商业证书",[896,1313,1314],{},"从 CA 机构（如 DigiCert、Comodo）购买后：",[973,1316,1318],{"className":975,"code":1317,"language":977,"meta":11,"style":11},"# 合并证书链\ncat your_domain.crt intermediate.crt root.crt > fullchain.crt\n\n# 放置到安全位置\nsudo mkdir -p \u002Fetc\u002Fnginx\u002Fssl\nsudo cp fullchain.crt \u002Fetc\u002Fnginx\u002Fssl\u002F\nsudo cp your_domain.key \u002Fetc\u002Fnginx\u002Fssl\u002F\nsudo chmod 600 \u002Fetc\u002Fnginx\u002Fssl\u002F*\n",[979,1319,1320,1325,1346,1350,1355,1368,1381,1392],{"__ignoreMap":11},[982,1321,1322],{"class":984,"line":985},[982,1323,1324],{"class":988},"# 合并证书链\n",[982,1326,1327,1330,1333,1336,1339,1343],{"class":984,"line":992},[982,1328,1329],{"class":995},"cat",[982,1331,1332],{"class":999}," your_domain.crt",[982,1334,1335],{"class":999}," intermediate.crt",[982,1337,1338],{"class":999}," root.crt",[982,1340,1342],{"class":1341},"s8jYJ"," >",[982,1344,1345],{"class":999}," fullchain.crt\n",[982,1347,1348],{"class":984,"line":1013},[982,1349,1017],{"emptyLinePlaceholder":1016},[982,1351,1352],{"class":984,"line":1020},[982,1353,1354],{"class":988},"# 放置到安全位置\n",[982,1356,1357,1359,1362,1365],{"class":984,"line":1026},[982,1358,1178],{"class":995},[982,1360,1361],{"class":999}," mkdir",[982,1363,1364],{"class":1003}," -p",[982,1366,1367],{"class":999}," \u002Fetc\u002Fnginx\u002Fssl\n",[982,1369,1370,1372,1375,1378],{"class":984,"line":1047},[982,1371,1178],{"class":995},[982,1373,1374],{"class":999}," cp",[982,1376,1377],{"class":999}," fullchain.crt",[982,1379,1380],{"class":999}," \u002Fetc\u002Fnginx\u002Fssl\u002F\n",[982,1382,1383,1385,1387,1390],{"class":984,"line":1052},[982,1384,1178],{"class":995},[982,1386,1374],{"class":999},[982,1388,1389],{"class":999}," your_domain.key",[982,1391,1380],{"class":999},[982,1393,1394,1396,1399,1402,1405],{"class":984,"line":1058},[982,1395,1178],{"class":995},[982,1397,1398],{"class":999}," chmod",[982,1400,1401],{"class":1003}," 600",[982,1403,1404],{"class":999}," \u002Fetc\u002Fnginx\u002Fssl\u002F",[982,1406,1407],{"class":1003},"*\n",[892,1409,1410],{"id":1410},"基本配置",[900,1412,1414],{"id":1413},"最简-https-配置","最简 HTTPS 配置",[973,1416,1420],{"className":1417,"code":1418,"language":1419,"meta":11,"style":11},"language-nginx shiki shiki-themes github-light github-light github-dark","server {\n    listen 443 ssl;\n    server_name example.com;\n    \n    # SSL 证书\n    ssl_certificate \u002Fetc\u002Fnginx\u002Fssl\u002Ffullchain.crt;\n    ssl_certificate_key \u002Fetc\u002Fnginx\u002Fssl\u002Fserver.key;\n    \n    root \u002Fvar\u002Fwww\u002Fhtml;\n    index index.html;\n    \n    location \u002F {\n        try_files $uri $uri\u002F =404;\n    }\n}\n\n# HTTP 重定向到 HTTPS\nserver {\n    listen 80;\n    server_name example.com;\n    return 301 https:\u002F\u002F$server_name$request_uri;\n}\n","nginx",[979,1421,1422,1431,1442,1450,1455,1460,1468,1476,1480,1488,1496,1500,1511,1525,1530,1536,1541,1547,1554,1564,1571,1583],{"__ignoreMap":11},[982,1423,1424,1427],{"class":984,"line":985},[982,1425,1426],{"class":1341},"server",[982,1428,1430],{"class":1429},"sxrX7"," {\n",[982,1432,1433,1436,1439],{"class":984,"line":992},[982,1434,1435],{"class":1341},"    listen ",[982,1437,1438],{"class":1003},"443",[982,1440,1441],{"class":1429}," ssl;\n",[982,1443,1444,1447],{"class":984,"line":1013},[982,1445,1446],{"class":1341},"    server_name ",[982,1448,1449],{"class":1429},"example.com;\n",[982,1451,1452],{"class":984,"line":1020},[982,1453,1454],{"class":1429},"    \n",[982,1456,1457],{"class":984,"line":1026},[982,1458,1459],{"class":988},"    # SSL 证书\n",[982,1461,1462,1465],{"class":984,"line":1047},[982,1463,1464],{"class":1341},"    ssl_certificate ",[982,1466,1467],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Ffullchain.crt;\n",[982,1469,1470,1473],{"class":984,"line":1052},[982,1471,1472],{"class":1341},"    ssl_certificate_key ",[982,1474,1475],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fserver.key;\n",[982,1477,1478],{"class":984,"line":1058},[982,1479,1454],{"class":1429},[982,1481,1482,1485],{"class":984,"line":1091},[982,1483,1484],{"class":1341},"    root ",[982,1486,1487],{"class":1429},"\u002Fvar\u002Fwww\u002Fhtml;\n",[982,1489,1490,1493],{"class":984,"line":1096},[982,1491,1492],{"class":1341},"    index ",[982,1494,1495],{"class":1429},"index.html;\n",[982,1497,1498],{"class":984,"line":1102},[982,1499,1454],{"class":1429},[982,1501,1502,1505,1508],{"class":984,"line":1128},[982,1503,1504],{"class":1341},"    location",[982,1506,1507],{"class":995}," \u002F ",[982,1509,1510],{"class":1429},"{\n",[982,1512,1513,1516,1519,1522],{"class":984,"line":1139},[982,1514,1515],{"class":1341},"        try_files ",[982,1517,1518],{"class":1429},"$uri $uri\u002F ",[982,1520,1521],{"class":1003},"=404",[982,1523,1524],{"class":1429},";\n",[982,1526,1527],{"class":984,"line":1150},[982,1528,1529],{"class":1429},"    }\n",[982,1531,1533],{"class":984,"line":1532},15,[982,1534,1535],{"class":1429},"}\n",[982,1537,1539],{"class":984,"line":1538},16,[982,1540,1017],{"emptyLinePlaceholder":1016},[982,1542,1544],{"class":984,"line":1543},17,[982,1545,1546],{"class":988},"# HTTP 重定向到 HTTPS\n",[982,1548,1550,1552],{"class":984,"line":1549},18,[982,1551,1426],{"class":1341},[982,1553,1430],{"class":1429},[982,1555,1557,1559,1562],{"class":984,"line":1556},19,[982,1558,1435],{"class":1341},[982,1560,1561],{"class":1003},"80",[982,1563,1524],{"class":1429},[982,1565,1567,1569],{"class":984,"line":1566},20,[982,1568,1446],{"class":1341},[982,1570,1449],{"class":1429},[982,1572,1574,1577,1580],{"class":984,"line":1573},21,[982,1575,1576],{"class":1341},"    return",[982,1578,1579],{"class":1003}," 301",[982,1581,1582],{"class":1429}," https:\u002F\u002F$server_name$request_uri;\n",[982,1584,1586],{"class":984,"line":1585},22,[982,1587,1535],{"class":1429},[900,1589,1591],{"id":1590},"完整-https-配置","完整 HTTPS 配置",[973,1593,1595],{"className":1417,"code":1594,"language":1419,"meta":11,"style":11},"server {\n    listen 443 ssl http2;\n    server_name example.com www.example.com;\n    \n    # 证书配置\n    ssl_certificate \u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Ffullchain.pem;\n    ssl_certificate_key \u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Fprivkey.pem;\n    \n    # SSL 协议和加密套件\n    ssl_protocols TLSv1.2 TLSv1.3;\n    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;\n    ssl_prefer_server_ciphers on;\n    \n    # SSL 会话缓存\n    ssl_session_cache shared:SSL:10m;\n    ssl_session_timeout 1d;\n    ssl_session_tickets off;\n    \n    # OCSP Stapling\n    ssl_stapling on;\n    ssl_stapling_verify on;\n    ssl_trusted_certificate \u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Fchain.pem;\n    resolver 8.8.8.8 8.8.4.4 valid=300s;\n    resolver_timeout 5s;\n    \n    # 安全头\n    add_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;\n    add_header X-Frame-Options \"SAMEORIGIN\" always;\n    add_header X-Content-Type-Options \"nosniff\" always;\n    add_header X-XSS-Protection \"1; mode=block\" always;\n    \n    root \u002Fvar\u002Fwww\u002Fexample.com;\n    index index.html;\n    \n    location \u002F {\n        try_files $uri $uri\u002F =404;\n    }\n}\n",[979,1596,1597,1603,1612,1619,1623,1628,1635,1642,1646,1651,1659,1667,1677,1681,1686,1694,1704,1714,1718,1723,1732,1741,1749,1764,1775,1780,1786,1801,1814,1827,1840,1845,1853,1860,1865,1874,1885,1890],{"__ignoreMap":11},[982,1598,1599,1601],{"class":984,"line":985},[982,1600,1426],{"class":1341},[982,1602,1430],{"class":1429},[982,1604,1605,1607,1609],{"class":984,"line":992},[982,1606,1435],{"class":1341},[982,1608,1438],{"class":1003},[982,1610,1611],{"class":1429}," ssl http2;\n",[982,1613,1614,1616],{"class":984,"line":1013},[982,1615,1446],{"class":1341},[982,1617,1618],{"class":1429},"example.com www.example.com;\n",[982,1620,1621],{"class":984,"line":1020},[982,1622,1454],{"class":1429},[982,1624,1625],{"class":984,"line":1026},[982,1626,1627],{"class":988},"    # 证书配置\n",[982,1629,1630,1632],{"class":984,"line":1047},[982,1631,1464],{"class":1341},[982,1633,1634],{"class":1429},"\u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Ffullchain.pem;\n",[982,1636,1637,1639],{"class":984,"line":1052},[982,1638,1472],{"class":1341},[982,1640,1641],{"class":1429},"\u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Fprivkey.pem;\n",[982,1643,1644],{"class":984,"line":1058},[982,1645,1454],{"class":1429},[982,1647,1648],{"class":984,"line":1091},[982,1649,1650],{"class":988},"    # SSL 协议和加密套件\n",[982,1652,1653,1656],{"class":984,"line":1096},[982,1654,1655],{"class":1341},"    ssl_protocols ",[982,1657,1658],{"class":1429},"TLSv1.2 TLSv1.3;\n",[982,1660,1661,1664],{"class":984,"line":1102},[982,1662,1663],{"class":1341},"    ssl_ciphers ",[982,1665,1666],{"class":1429},"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;\n",[982,1668,1669,1672,1675],{"class":984,"line":1128},[982,1670,1671],{"class":1341},"    ssl_prefer_server_ciphers ",[982,1673,1674],{"class":1003},"on",[982,1676,1524],{"class":1429},[982,1678,1679],{"class":984,"line":1139},[982,1680,1454],{"class":1429},[982,1682,1683],{"class":984,"line":1150},[982,1684,1685],{"class":988},"    # SSL 会话缓存\n",[982,1687,1688,1691],{"class":984,"line":1532},[982,1689,1690],{"class":1341},"    ssl_session_cache ",[982,1692,1693],{"class":1429},"shared:SSL:10m;\n",[982,1695,1696,1699,1702],{"class":984,"line":1538},[982,1697,1698],{"class":1341},"    ssl_session_timeout ",[982,1700,1701],{"class":1003},"1d",[982,1703,1524],{"class":1429},[982,1705,1706,1709,1712],{"class":984,"line":1543},[982,1707,1708],{"class":1341},"    ssl_session_tickets ",[982,1710,1711],{"class":1003},"off",[982,1713,1524],{"class":1429},[982,1715,1716],{"class":984,"line":1549},[982,1717,1454],{"class":1429},[982,1719,1720],{"class":984,"line":1556},[982,1721,1722],{"class":988},"    # OCSP Stapling\n",[982,1724,1725,1728,1730],{"class":984,"line":1566},[982,1726,1727],{"class":1341},"    ssl_stapling ",[982,1729,1674],{"class":1003},[982,1731,1524],{"class":1429},[982,1733,1734,1737,1739],{"class":984,"line":1573},[982,1735,1736],{"class":1341},"    ssl_stapling_verify ",[982,1738,1674],{"class":1003},[982,1740,1524],{"class":1429},[982,1742,1743,1746],{"class":984,"line":1585},[982,1744,1745],{"class":1341},"    ssl_trusted_certificate ",[982,1747,1748],{"class":1429},"\u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Fchain.pem;\n",[982,1750,1752,1755,1758,1761],{"class":984,"line":1751},23,[982,1753,1754],{"class":1341},"    resolver ",[982,1756,1757],{"class":1003},"8.8.8.8",[982,1759,1760],{"class":1003}," 8.8.4.4",[982,1762,1763],{"class":1429}," valid=300s;\n",[982,1765,1767,1770,1773],{"class":984,"line":1766},24,[982,1768,1769],{"class":1341},"    resolver_timeout ",[982,1771,1772],{"class":1003},"5s",[982,1774,1524],{"class":1429},[982,1776,1778],{"class":984,"line":1777},25,[982,1779,1454],{"class":1429},[982,1781,1783],{"class":984,"line":1782},26,[982,1784,1785],{"class":988},"    # 安全头\n",[982,1787,1789,1792,1795,1798],{"class":984,"line":1788},27,[982,1790,1791],{"class":1341},"    add_header ",[982,1793,1794],{"class":1429},"Strict-Transport-Security ",[982,1796,1797],{"class":999},"\"max-age=31536000; includeSubDomains\"",[982,1799,1800],{"class":1429}," always;\n",[982,1802,1804,1806,1809,1812],{"class":984,"line":1803},28,[982,1805,1791],{"class":1341},[982,1807,1808],{"class":1429},"X-Frame-Options ",[982,1810,1811],{"class":999},"\"SAMEORIGIN\"",[982,1813,1800],{"class":1429},[982,1815,1817,1819,1822,1825],{"class":984,"line":1816},29,[982,1818,1791],{"class":1341},[982,1820,1821],{"class":1429},"X-Content-Type-Options ",[982,1823,1824],{"class":999},"\"nosniff\"",[982,1826,1800],{"class":1429},[982,1828,1830,1832,1835,1838],{"class":984,"line":1829},30,[982,1831,1791],{"class":1341},[982,1833,1834],{"class":1429},"X-XSS-Protection ",[982,1836,1837],{"class":999},"\"1; mode=block\"",[982,1839,1800],{"class":1429},[982,1841,1843],{"class":984,"line":1842},31,[982,1844,1454],{"class":1429},[982,1846,1848,1850],{"class":984,"line":1847},32,[982,1849,1484],{"class":1341},[982,1851,1852],{"class":1429},"\u002Fvar\u002Fwww\u002Fexample.com;\n",[982,1854,1856,1858],{"class":984,"line":1855},33,[982,1857,1492],{"class":1341},[982,1859,1495],{"class":1429},[982,1861,1863],{"class":984,"line":1862},34,[982,1864,1454],{"class":1429},[982,1866,1868,1870,1872],{"class":984,"line":1867},35,[982,1869,1504],{"class":1341},[982,1871,1507],{"class":995},[982,1873,1510],{"class":1429},[982,1875,1877,1879,1881,1883],{"class":984,"line":1876},36,[982,1878,1515],{"class":1341},[982,1880,1518],{"class":1429},[982,1882,1521],{"class":1003},[982,1884,1524],{"class":1429},[982,1886,1888],{"class":984,"line":1887},37,[982,1889,1529],{"class":1429},[982,1891,1893],{"class":984,"line":1892},38,[982,1894,1535],{"class":1429},[892,1896,1898],{"id":1897},"ssltls-优化","SSL\u002FTLS 优化",[900,1900,1901],{"id":1901},"协议版本",[973,1903,1905],{"className":1417,"code":1904,"language":1419,"meta":11,"style":11},"# 推荐配置：仅支持 TLS 1.2 和 1.3\nssl_protocols TLSv1.2 TLSv1.3;\n\n# 如需兼容旧客户端（不推荐）\n# ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;\n",[979,1906,1907,1912,1919,1923,1928],{"__ignoreMap":11},[982,1908,1909],{"class":984,"line":985},[982,1910,1911],{"class":988},"# 推荐配置：仅支持 TLS 1.2 和 1.3\n",[982,1913,1914,1917],{"class":984,"line":992},[982,1915,1916],{"class":1341},"ssl_protocols ",[982,1918,1658],{"class":1429},[982,1920,1921],{"class":984,"line":1013},[982,1922,1017],{"emptyLinePlaceholder":1016},[982,1924,1925],{"class":984,"line":1020},[982,1926,1927],{"class":988},"# 如需兼容旧客户端（不推荐）\n",[982,1929,1930],{"class":984,"line":1026},[982,1931,1932],{"class":988},"# ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;\n",[900,1934,1935],{"id":1935},"加密套件",[973,1937,1939],{"className":1417,"code":1938,"language":1419,"meta":11,"style":11},"# 现代安全配置\nssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;\n\n# 优先使用服务器的加密套件顺序\nssl_prefer_server_ciphers on;\n\n# DH 参数（增强前向安全性）\nssl_dhparam \u002Fetc\u002Fnginx\u002Fssl\u002Fdhparam.pem;\n",[979,1940,1941,1946,1954,1958,1963,1972,1976,1981],{"__ignoreMap":11},[982,1942,1943],{"class":984,"line":985},[982,1944,1945],{"class":988},"# 现代安全配置\n",[982,1947,1948,1951],{"class":984,"line":992},[982,1949,1950],{"class":1341},"ssl_ciphers ",[982,1952,1953],{"class":1429},"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;\n",[982,1955,1956],{"class":984,"line":1013},[982,1957,1017],{"emptyLinePlaceholder":1016},[982,1959,1960],{"class":984,"line":1020},[982,1961,1962],{"class":988},"# 优先使用服务器的加密套件顺序\n",[982,1964,1965,1968,1970],{"class":984,"line":1026},[982,1966,1967],{"class":1341},"ssl_prefer_server_ciphers ",[982,1969,1674],{"class":1003},[982,1971,1524],{"class":1429},[982,1973,1974],{"class":984,"line":1047},[982,1975,1017],{"emptyLinePlaceholder":1016},[982,1977,1978],{"class":984,"line":1052},[982,1979,1980],{"class":988},"# DH 参数（增强前向安全性）\n",[982,1982,1983,1986],{"class":984,"line":1058},[982,1984,1985],{"class":1341},"ssl_dhparam ",[982,1987,1988],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fdhparam.pem;\n",[896,1990,1991],{},"生成 DH 参数：",[973,1993,1995],{"className":975,"code":1994,"language":977,"meta":11,"style":11},"# 生成 DH 参数（需要几分钟）\nsudo openssl dhparam -out \u002Fetc\u002Fnginx\u002Fssl\u002Fdhparam.pem 2048\n",[979,1996,1997,2002],{"__ignoreMap":11},[982,1998,1999],{"class":984,"line":985},[982,2000,2001],{"class":988},"# 生成 DH 参数（需要几分钟）\n",[982,2003,2004,2006,2009,2012,2014,2017],{"class":984,"line":992},[982,2005,1178],{"class":995},[982,2007,2008],{"class":999}," openssl",[982,2010,2011],{"class":999}," dhparam",[982,2013,1004],{"class":1003},[982,2015,2016],{"class":999}," \u002Fetc\u002Fnginx\u002Fssl\u002Fdhparam.pem",[982,2018,1010],{"class":1003},[900,2020,2021],{"id":2021},"会话缓存",[973,2023,2025],{"className":1417,"code":2024,"language":1419,"meta":11,"style":11},"# 共享会话缓存\nssl_session_cache shared:SSL:10m;  # 10MB，约 40000 个会话\n\n# 会话超时\nssl_session_timeout 1d;\n\n# 禁用会话票证（更安全）\nssl_session_tickets off;\n",[979,2026,2027,2032,2043,2047,2052,2061,2065,2070],{"__ignoreMap":11},[982,2028,2029],{"class":984,"line":985},[982,2030,2031],{"class":988},"# 共享会话缓存\n",[982,2033,2034,2037,2040],{"class":984,"line":992},[982,2035,2036],{"class":1341},"ssl_session_cache ",[982,2038,2039],{"class":1429},"shared:SSL:10m;  ",[982,2041,2042],{"class":988},"# 10MB，约 40000 个会话\n",[982,2044,2045],{"class":984,"line":1013},[982,2046,1017],{"emptyLinePlaceholder":1016},[982,2048,2049],{"class":984,"line":1020},[982,2050,2051],{"class":988},"# 会话超时\n",[982,2053,2054,2057,2059],{"class":984,"line":1026},[982,2055,2056],{"class":1341},"ssl_session_timeout ",[982,2058,1701],{"class":1003},[982,2060,1524],{"class":1429},[982,2062,2063],{"class":984,"line":1047},[982,2064,1017],{"emptyLinePlaceholder":1016},[982,2066,2067],{"class":984,"line":1052},[982,2068,2069],{"class":988},"# 禁用会话票证（更安全）\n",[982,2071,2072,2075,2077],{"class":984,"line":1058},[982,2073,2074],{"class":1341},"ssl_session_tickets ",[982,2076,1711],{"class":1003},[982,2078,1524],{"class":1429},[900,2080,2082],{"id":2081},"ocsp-stapling","OCSP Stapling",[896,2084,2085],{},"OCSP Stapling 让服务器主动提供证书状态，减少客户端查询开销：",[973,2087,2089],{"className":1417,"code":2088,"language":1419,"meta":11,"style":11},"ssl_stapling on;\nssl_stapling_verify on;\nssl_trusted_certificate \u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Fchain.pem;\n\n# DNS 解析器\nresolver 8.8.8.8 8.8.4.4 valid=300s;\nresolver_timeout 5s;\n",[979,2090,2091,2100,2109,2116,2120,2125,2136],{"__ignoreMap":11},[982,2092,2093,2096,2098],{"class":984,"line":985},[982,2094,2095],{"class":1341},"ssl_stapling ",[982,2097,1674],{"class":1003},[982,2099,1524],{"class":1429},[982,2101,2102,2105,2107],{"class":984,"line":992},[982,2103,2104],{"class":1341},"ssl_stapling_verify ",[982,2106,1674],{"class":1003},[982,2108,1524],{"class":1429},[982,2110,2111,2114],{"class":984,"line":1013},[982,2112,2113],{"class":1341},"ssl_trusted_certificate ",[982,2115,1748],{"class":1429},[982,2117,2118],{"class":984,"line":1020},[982,2119,1017],{"emptyLinePlaceholder":1016},[982,2121,2122],{"class":984,"line":1026},[982,2123,2124],{"class":988},"# DNS 解析器\n",[982,2126,2127,2130,2132,2134],{"class":984,"line":1047},[982,2128,2129],{"class":1341},"resolver ",[982,2131,1757],{"class":1003},[982,2133,1760],{"class":1003},[982,2135,1763],{"class":1429},[982,2137,2138,2141,2143],{"class":984,"line":1052},[982,2139,2140],{"class":1341},"resolver_timeout ",[982,2142,1772],{"class":1003},[982,2144,1524],{"class":1429},[892,2146,2148],{"id":2147},"http2-配置","HTTP\u002F2 配置",[896,2150,2151],{},"HTTP\u002F2 提供多路复用、头部压缩等优化，显著提升性能：",[973,2153,2155],{"className":1417,"code":2154,"language":1419,"meta":11,"style":11},"server {\n    listen 443 ssl http2;\n    server_name example.com;\n    \n    # HTTP\u002F2 特定配置\n    http2_max_concurrent_streams 128;\n    http2_idle_timeout 3m;\n    \n    # ...其他配置\n}\n",[979,2156,2157,2163,2171,2177,2181,2186,2196,2206,2210,2215],{"__ignoreMap":11},[982,2158,2159,2161],{"class":984,"line":985},[982,2160,1426],{"class":1341},[982,2162,1430],{"class":1429},[982,2164,2165,2167,2169],{"class":984,"line":992},[982,2166,1435],{"class":1341},[982,2168,1438],{"class":1003},[982,2170,1611],{"class":1429},[982,2172,2173,2175],{"class":984,"line":1013},[982,2174,1446],{"class":1341},[982,2176,1449],{"class":1429},[982,2178,2179],{"class":984,"line":1020},[982,2180,1454],{"class":1429},[982,2182,2183],{"class":984,"line":1026},[982,2184,2185],{"class":988},"    # HTTP\u002F2 特定配置\n",[982,2187,2188,2191,2194],{"class":984,"line":1047},[982,2189,2190],{"class":1341},"    http2_max_concurrent_streams ",[982,2192,2193],{"class":1003},"128",[982,2195,1524],{"class":1429},[982,2197,2198,2201,2204],{"class":984,"line":1052},[982,2199,2200],{"class":1341},"    http2_idle_timeout ",[982,2202,2203],{"class":1003},"3m",[982,2205,1524],{"class":1429},[982,2207,2208],{"class":984,"line":1058},[982,2209,1454],{"class":1429},[982,2211,2212],{"class":984,"line":1091},[982,2213,2214],{"class":988},"    # ...其他配置\n",[982,2216,2217],{"class":984,"line":1096},[982,2218,1535],{"class":1429},[2220,2221,2223],"note",{"title":2222},"注意","\nHTTP\u002F2 需要 HTTPS，无法在纯 HTTP 上使用。\n",[892,2225,2226],{"id":2226},"安全头",[900,2228,2230],{"id":2229},"hstshttp-严格传输安全","HSTS（HTTP 严格传输安全）",[973,2232,2234],{"className":1417,"code":2233,"language":1419,"meta":11,"style":11},"# 强制浏览器使用 HTTPS\nadd_header Strict-Transport-Security \"max-age=31536000; includeSubDomains; preload\" always;\n",[979,2235,2236,2241],{"__ignoreMap":11},[982,2237,2238],{"class":984,"line":985},[982,2239,2240],{"class":988},"# 强制浏览器使用 HTTPS\n",[982,2242,2243,2246,2248,2251],{"class":984,"line":992},[982,2244,2245],{"class":1341},"add_header ",[982,2247,1794],{"class":1429},[982,2249,2250],{"class":999},"\"max-age=31536000; includeSubDomains; preload\"",[982,2252,1800],{"class":1429},[896,2254,2255],{},"参数说明：",[2257,2258,2259,2266,2272],"ul",{},[2260,2261,2262,2265],"li",{},[979,2263,2264],{},"max-age","：HSTS 有效期（秒）",[2260,2267,2268,2271],{},[979,2269,2270],{},"includeSubDomains","：包含所有子域名",[2260,2273,2274,2277],{},[979,2275,2276],{},"preload","：可提交到浏览器预加载列表",[900,2279,2280],{"id":2280},"其他安全头",[973,2282,2284],{"className":1417,"code":2283,"language":1419,"meta":11,"style":11},"# 防止点击劫持\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\n\n# 防止 MIME 类型嗅探\nadd_header X-Content-Type-Options \"nosniff\" always;\n\n# XSS 保护\nadd_header X-XSS-Protection \"1; mode=block\" always;\n\n# 引用策略\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\n\n# 内容安全策略\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'\" always;\n\n# 权限策略\nadd_header Permissions-Policy \"geolocation=(), microphone=(), camera=()\" always;\n",[979,2285,2286,2291,2301,2305,2310,2320,2324,2329,2339,2343,2348,2360,2364,2369,2381,2385,2390],{"__ignoreMap":11},[982,2287,2288],{"class":984,"line":985},[982,2289,2290],{"class":988},"# 防止点击劫持\n",[982,2292,2293,2295,2297,2299],{"class":984,"line":992},[982,2294,2245],{"class":1341},[982,2296,1808],{"class":1429},[982,2298,1811],{"class":999},[982,2300,1800],{"class":1429},[982,2302,2303],{"class":984,"line":1013},[982,2304,1017],{"emptyLinePlaceholder":1016},[982,2306,2307],{"class":984,"line":1020},[982,2308,2309],{"class":988},"# 防止 MIME 类型嗅探\n",[982,2311,2312,2314,2316,2318],{"class":984,"line":1026},[982,2313,2245],{"class":1341},[982,2315,1821],{"class":1429},[982,2317,1824],{"class":999},[982,2319,1800],{"class":1429},[982,2321,2322],{"class":984,"line":1047},[982,2323,1017],{"emptyLinePlaceholder":1016},[982,2325,2326],{"class":984,"line":1052},[982,2327,2328],{"class":988},"# XSS 保护\n",[982,2330,2331,2333,2335,2337],{"class":984,"line":1058},[982,2332,2245],{"class":1341},[982,2334,1834],{"class":1429},[982,2336,1837],{"class":999},[982,2338,1800],{"class":1429},[982,2340,2341],{"class":984,"line":1091},[982,2342,1017],{"emptyLinePlaceholder":1016},[982,2344,2345],{"class":984,"line":1096},[982,2346,2347],{"class":988},"# 引用策略\n",[982,2349,2350,2352,2355,2358],{"class":984,"line":1102},[982,2351,2245],{"class":1341},[982,2353,2354],{"class":1429},"Referrer-Policy ",[982,2356,2357],{"class":999},"\"strict-origin-when-cross-origin\"",[982,2359,1800],{"class":1429},[982,2361,2362],{"class":984,"line":1128},[982,2363,1017],{"emptyLinePlaceholder":1016},[982,2365,2366],{"class":984,"line":1139},[982,2367,2368],{"class":988},"# 内容安全策略\n",[982,2370,2371,2373,2376,2379],{"class":984,"line":1150},[982,2372,2245],{"class":1341},[982,2374,2375],{"class":1429},"Content-Security-Policy ",[982,2377,2378],{"class":999},"\"default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'\"",[982,2380,1800],{"class":1429},[982,2382,2383],{"class":984,"line":1532},[982,2384,1017],{"emptyLinePlaceholder":1016},[982,2386,2387],{"class":984,"line":1538},[982,2388,2389],{"class":988},"# 权限策略\n",[982,2391,2392,2394,2397,2400],{"class":984,"line":1543},[982,2393,2245],{"class":1341},[982,2395,2396],{"class":1429},"Permissions-Policy ",[982,2398,2399],{"class":999},"\"geolocation=(), microphone=(), camera=()\"",[982,2401,1800],{"class":1429},[892,2403,2404],{"id":2404},"配置片段复用",[896,2406,2407],{},"创建可复用的 SSL 配置片段：",[973,2409,2411],{"className":1417,"code":2410,"language":1419,"meta":11,"style":11},"# \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-params.conf\nssl_protocols TLSv1.2 TLSv1.3;\nssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;\nssl_prefer_server_ciphers on;\nssl_session_cache shared:SSL:10m;\nssl_session_timeout 1d;\nssl_session_tickets off;\nssl_stapling on;\nssl_stapling_verify on;\nresolver 8.8.8.8 8.8.4.4 valid=300s;\nresolver_timeout 5s;\nadd_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;\n",[979,2412,2413,2418,2424,2430,2438,2444,2452,2460,2468,2476,2486,2494],{"__ignoreMap":11},[982,2414,2415],{"class":984,"line":985},[982,2416,2417],{"class":988},"# \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-params.conf\n",[982,2419,2420,2422],{"class":984,"line":992},[982,2421,1916],{"class":1341},[982,2423,1658],{"class":1429},[982,2425,2426,2428],{"class":984,"line":1013},[982,2427,1950],{"class":1341},[982,2429,1666],{"class":1429},[982,2431,2432,2434,2436],{"class":984,"line":1020},[982,2433,1967],{"class":1341},[982,2435,1674],{"class":1003},[982,2437,1524],{"class":1429},[982,2439,2440,2442],{"class":984,"line":1026},[982,2441,2036],{"class":1341},[982,2443,1693],{"class":1429},[982,2445,2446,2448,2450],{"class":984,"line":1047},[982,2447,2056],{"class":1341},[982,2449,1701],{"class":1003},[982,2451,1524],{"class":1429},[982,2453,2454,2456,2458],{"class":984,"line":1052},[982,2455,2074],{"class":1341},[982,2457,1711],{"class":1003},[982,2459,1524],{"class":1429},[982,2461,2462,2464,2466],{"class":984,"line":1058},[982,2463,2095],{"class":1341},[982,2465,1674],{"class":1003},[982,2467,1524],{"class":1429},[982,2469,2470,2472,2474],{"class":984,"line":1091},[982,2471,2104],{"class":1341},[982,2473,1674],{"class":1003},[982,2475,1524],{"class":1429},[982,2477,2478,2480,2482,2484],{"class":984,"line":1096},[982,2479,2129],{"class":1341},[982,2481,1757],{"class":1003},[982,2483,1760],{"class":1003},[982,2485,1763],{"class":1429},[982,2487,2488,2490,2492],{"class":984,"line":1102},[982,2489,2140],{"class":1341},[982,2491,1772],{"class":1003},[982,2493,1524],{"class":1429},[982,2495,2496,2498,2500,2502],{"class":984,"line":1128},[982,2497,2245],{"class":1341},[982,2499,1794],{"class":1429},[982,2501,1797],{"class":999},[982,2503,1800],{"class":1429},[973,2505,2507],{"className":1417,"code":2506,"language":1419,"meta":11,"style":11},"# \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-example.com.conf\nssl_certificate \u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Ffullchain.pem;\nssl_certificate_key \u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Fprivkey.pem;\nssl_trusted_certificate \u002Fetc\u002Fletsencrypt\u002Flive\u002Fexample.com\u002Fchain.pem;\n",[979,2508,2509,2514,2521,2528],{"__ignoreMap":11},[982,2510,2511],{"class":984,"line":985},[982,2512,2513],{"class":988},"# \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-example.com.conf\n",[982,2515,2516,2519],{"class":984,"line":992},[982,2517,2518],{"class":1341},"ssl_certificate ",[982,2520,1634],{"class":1429},[982,2522,2523,2526],{"class":984,"line":1013},[982,2524,2525],{"class":1341},"ssl_certificate_key ",[982,2527,1641],{"class":1429},[982,2529,2530,2532],{"class":984,"line":1020},[982,2531,2113],{"class":1341},[982,2533,1748],{"class":1429},[896,2535,2536],{},"使用片段：",[973,2538,2540],{"className":1417,"code":2539,"language":1419,"meta":11,"style":11},"server {\n    listen 443 ssl http2;\n    server_name example.com;\n    \n    include \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-example.com.conf;\n    include \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-params.conf;\n    \n    root \u002Fvar\u002Fwww\u002Fexample.com;\n    # ...\n}\n",[979,2541,2542,2548,2556,2562,2566,2574,2581,2585,2591,2596],{"__ignoreMap":11},[982,2543,2544,2546],{"class":984,"line":985},[982,2545,1426],{"class":1341},[982,2547,1430],{"class":1429},[982,2549,2550,2552,2554],{"class":984,"line":992},[982,2551,1435],{"class":1341},[982,2553,1438],{"class":1003},[982,2555,1611],{"class":1429},[982,2557,2558,2560],{"class":984,"line":1013},[982,2559,1446],{"class":1341},[982,2561,1449],{"class":1429},[982,2563,2564],{"class":984,"line":1020},[982,2565,1454],{"class":1429},[982,2567,2568,2571],{"class":984,"line":1026},[982,2569,2570],{"class":1341},"    include ",[982,2572,2573],{"class":1429},"\u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-example.com.conf;\n",[982,2575,2576,2578],{"class":984,"line":1047},[982,2577,2570],{"class":1341},[982,2579,2580],{"class":1429},"\u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-params.conf;\n",[982,2582,2583],{"class":984,"line":1052},[982,2584,1454],{"class":1429},[982,2586,2587,2589],{"class":984,"line":1058},[982,2588,1484],{"class":1341},[982,2590,1852],{"class":1429},[982,2592,2593],{"class":984,"line":1091},[982,2594,2595],{"class":988},"    # ...\n",[982,2597,2598],{"class":984,"line":1096},[982,2599,1535],{"class":1429},[892,2601,2602],{"id":2602},"多域名证书",[900,2604,2605],{"id":2605},"单证书多域名",[973,2607,2609],{"className":1417,"code":2608,"language":1419,"meta":11,"style":11},"server {\n    listen 443 ssl http2;\n    server_name example.com www.example.com api.example.com;\n    \n    # SAN 证书包含所有域名\n    ssl_certificate \u002Fetc\u002Fnginx\u002Fssl\u002Fmulti-domain.crt;\n    ssl_certificate_key \u002Fetc\u002Fnginx\u002Fssl\u002Fmulti-domain.key;\n    \n    # ...\n}\n",[979,2610,2611,2617,2625,2632,2636,2641,2648,2655,2659,2663],{"__ignoreMap":11},[982,2612,2613,2615],{"class":984,"line":985},[982,2614,1426],{"class":1341},[982,2616,1430],{"class":1429},[982,2618,2619,2621,2623],{"class":984,"line":992},[982,2620,1435],{"class":1341},[982,2622,1438],{"class":1003},[982,2624,1611],{"class":1429},[982,2626,2627,2629],{"class":984,"line":1013},[982,2628,1446],{"class":1341},[982,2630,2631],{"class":1429},"example.com www.example.com api.example.com;\n",[982,2633,2634],{"class":984,"line":1020},[982,2635,1454],{"class":1429},[982,2637,2638],{"class":984,"line":1026},[982,2639,2640],{"class":988},"    # SAN 证书包含所有域名\n",[982,2642,2643,2645],{"class":984,"line":1047},[982,2644,1464],{"class":1341},[982,2646,2647],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fmulti-domain.crt;\n",[982,2649,2650,2652],{"class":984,"line":1052},[982,2651,1472],{"class":1341},[982,2653,2654],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fmulti-domain.key;\n",[982,2656,2657],{"class":984,"line":1058},[982,2658,1454],{"class":1429},[982,2660,2661],{"class":984,"line":1091},[982,2662,2595],{"class":988},[982,2664,2665],{"class":984,"line":1096},[982,2666,1535],{"class":1429},[900,2668,2669],{"id":2669},"通配符证书",[973,2671,2673],{"className":1417,"code":2672,"language":1419,"meta":11,"style":11},"server {\n    listen 443 ssl http2;\n    server_name *.example.com;\n    \n    # 通配符证书\n    ssl_certificate \u002Fetc\u002Fnginx\u002Fssl\u002Fwildcard.crt;\n    ssl_certificate_key \u002Fetc\u002Fnginx\u002Fssl\u002Fwildcard.key;\n    \n    # ...\n}\n",[979,2674,2675,2681,2689,2696,2700,2705,2712,2719,2723,2727],{"__ignoreMap":11},[982,2676,2677,2679],{"class":984,"line":985},[982,2678,1426],{"class":1341},[982,2680,1430],{"class":1429},[982,2682,2683,2685,2687],{"class":984,"line":992},[982,2684,1435],{"class":1341},[982,2686,1438],{"class":1003},[982,2688,1611],{"class":1429},[982,2690,2691,2693],{"class":984,"line":1013},[982,2692,1446],{"class":1341},[982,2694,2695],{"class":1429},"*.example.com;\n",[982,2697,2698],{"class":984,"line":1020},[982,2699,1454],{"class":1429},[982,2701,2702],{"class":984,"line":1026},[982,2703,2704],{"class":988},"    # 通配符证书\n",[982,2706,2707,2709],{"class":984,"line":1047},[982,2708,1464],{"class":1341},[982,2710,2711],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fwildcard.crt;\n",[982,2713,2714,2716],{"class":984,"line":1052},[982,2715,1472],{"class":1341},[982,2717,2718],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fwildcard.key;\n",[982,2720,2721],{"class":984,"line":1058},[982,2722,1454],{"class":1429},[982,2724,2725],{"class":984,"line":1091},[982,2726,2595],{"class":988},[982,2728,2729],{"class":984,"line":1096},[982,2730,1535],{"class":1429},[900,2732,2734],{"id":2733},"sni多证书","SNI（多证书）",[973,2736,2738],{"className":1417,"code":2737,"language":1419,"meta":11,"style":11},"# 站点 A\nserver {\n    listen 443 ssl http2;\n    server_name a.example.com;\n    \n    ssl_certificate \u002Fetc\u002Fnginx\u002Fssl\u002Fa.example.com.crt;\n    ssl_certificate_key \u002Fetc\u002Fnginx\u002Fssl\u002Fa.example.com.key;\n    \n    # ...\n}\n\n# 站点 B\nserver {\n    listen 443 ssl http2;\n    server_name b.example.com;\n    \n    ssl_certificate \u002Fetc\u002Fnginx\u002Fssl\u002Fb.example.com.crt;\n    ssl_certificate_key \u002Fetc\u002Fnginx\u002Fssl\u002Fb.example.com.key;\n    \n    # ...\n}\n",[979,2739,2740,2745,2751,2759,2766,2770,2777,2784,2788,2792,2796,2800,2805,2811,2819,2826,2830,2837,2844,2848,2852],{"__ignoreMap":11},[982,2741,2742],{"class":984,"line":985},[982,2743,2744],{"class":988},"# 站点 A\n",[982,2746,2747,2749],{"class":984,"line":992},[982,2748,1426],{"class":1341},[982,2750,1430],{"class":1429},[982,2752,2753,2755,2757],{"class":984,"line":1013},[982,2754,1435],{"class":1341},[982,2756,1438],{"class":1003},[982,2758,1611],{"class":1429},[982,2760,2761,2763],{"class":984,"line":1020},[982,2762,1446],{"class":1341},[982,2764,2765],{"class":1429},"a.example.com;\n",[982,2767,2768],{"class":984,"line":1026},[982,2769,1454],{"class":1429},[982,2771,2772,2774],{"class":984,"line":1047},[982,2773,1464],{"class":1341},[982,2775,2776],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fa.example.com.crt;\n",[982,2778,2779,2781],{"class":984,"line":1052},[982,2780,1472],{"class":1341},[982,2782,2783],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fa.example.com.key;\n",[982,2785,2786],{"class":984,"line":1058},[982,2787,1454],{"class":1429},[982,2789,2790],{"class":984,"line":1091},[982,2791,2595],{"class":988},[982,2793,2794],{"class":984,"line":1096},[982,2795,1535],{"class":1429},[982,2797,2798],{"class":984,"line":1102},[982,2799,1017],{"emptyLinePlaceholder":1016},[982,2801,2802],{"class":984,"line":1128},[982,2803,2804],{"class":988},"# 站点 B\n",[982,2806,2807,2809],{"class":984,"line":1139},[982,2808,1426],{"class":1341},[982,2810,1430],{"class":1429},[982,2812,2813,2815,2817],{"class":984,"line":1150},[982,2814,1435],{"class":1341},[982,2816,1438],{"class":1003},[982,2818,1611],{"class":1429},[982,2820,2821,2823],{"class":984,"line":1532},[982,2822,1446],{"class":1341},[982,2824,2825],{"class":1429},"b.example.com;\n",[982,2827,2828],{"class":984,"line":1538},[982,2829,1454],{"class":1429},[982,2831,2832,2834],{"class":984,"line":1543},[982,2833,1464],{"class":1341},[982,2835,2836],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fb.example.com.crt;\n",[982,2838,2839,2841],{"class":984,"line":1549},[982,2840,1472],{"class":1341},[982,2842,2843],{"class":1429},"\u002Fetc\u002Fnginx\u002Fssl\u002Fb.example.com.key;\n",[982,2845,2846],{"class":984,"line":1556},[982,2847,1454],{"class":1429},[982,2849,2850],{"class":984,"line":1566},[982,2851,2595],{"class":988},[982,2853,2854],{"class":984,"line":1573},[982,2855,1535],{"class":1429},[892,2857,2859],{"id":2858},"lets-encrypt-自动续期","Let's Encrypt 自动续期",[900,2861,2863],{"id":2862},"webroot-验证","Webroot 验证",[973,2865,2867],{"className":1417,"code":2866,"language":1419,"meta":11,"style":11},"server {\n    listen 80;\n    server_name example.com;\n    \n    # Let's Encrypt 验证路径\n    location \u002F.well-known\u002Facme-challenge\u002F {\n        root \u002Fvar\u002Fwww\u002Fcertbot;\n    }\n    \n    # 其他请求重定向到 HTTPS\n    location \u002F {\n        return 301 https:\u002F\u002F$server_name$request_uri;\n    }\n}\n",[979,2868,2869,2875,2883,2889,2893,2898,2907,2915,2919,2923,2928,2936,2945,2949],{"__ignoreMap":11},[982,2870,2871,2873],{"class":984,"line":985},[982,2872,1426],{"class":1341},[982,2874,1430],{"class":1429},[982,2876,2877,2879,2881],{"class":984,"line":992},[982,2878,1435],{"class":1341},[982,2880,1561],{"class":1003},[982,2882,1524],{"class":1429},[982,2884,2885,2887],{"class":984,"line":1013},[982,2886,1446],{"class":1341},[982,2888,1449],{"class":1429},[982,2890,2891],{"class":984,"line":1020},[982,2892,1454],{"class":1429},[982,2894,2895],{"class":984,"line":1026},[982,2896,2897],{"class":988},"    # Let's Encrypt 验证路径\n",[982,2899,2900,2902,2905],{"class":984,"line":1047},[982,2901,1504],{"class":1341},[982,2903,2904],{"class":995}," \u002F.well-known\u002Facme-challenge\u002F ",[982,2906,1510],{"class":1429},[982,2908,2909,2912],{"class":984,"line":1052},[982,2910,2911],{"class":1341},"        root ",[982,2913,2914],{"class":1429},"\u002Fvar\u002Fwww\u002Fcertbot;\n",[982,2916,2917],{"class":984,"line":1058},[982,2918,1529],{"class":1429},[982,2920,2921],{"class":984,"line":1091},[982,2922,1454],{"class":1429},[982,2924,2925],{"class":984,"line":1096},[982,2926,2927],{"class":988},"    # 其他请求重定向到 HTTPS\n",[982,2929,2930,2932,2934],{"class":984,"line":1102},[982,2931,1504],{"class":1341},[982,2933,1507],{"class":995},[982,2935,1510],{"class":1429},[982,2937,2938,2941,2943],{"class":984,"line":1128},[982,2939,2940],{"class":1341},"        return",[982,2942,1579],{"class":1003},[982,2944,1582],{"class":1429},[982,2946,2947],{"class":984,"line":1139},[982,2948,1529],{"class":1429},[982,2950,2951],{"class":984,"line":1150},[982,2952,1535],{"class":1429},[900,2954,2955],{"id":2955},"自动续期脚本",[973,2957,2959],{"className":975,"code":2958,"language":977,"meta":11,"style":11},"#!\u002Fbin\u002Fbash\n# \u002Fetc\u002Fcron.d\u002Fcertbot-renew\n\ncertbot renew --quiet --post-hook \"nginx -s reload\"\n",[979,2960,2961,2966,2971,2975],{"__ignoreMap":11},[982,2962,2963],{"class":984,"line":985},[982,2964,2965],{"class":988},"#!\u002Fbin\u002Fbash\n",[982,2967,2968],{"class":984,"line":992},[982,2969,2970],{"class":988},"# \u002Fetc\u002Fcron.d\u002Fcertbot-renew\n",[982,2972,2973],{"class":984,"line":1013},[982,2974,1017],{"emptyLinePlaceholder":1016},[982,2976,2977,2980,2982,2985,2988],{"class":984,"line":1020},[982,2978,2979],{"class":995},"certbot",[982,2981,1272],{"class":999},[982,2983,2984],{"class":1003}," --quiet",[982,2986,2987],{"class":1003}," --post-hook",[982,2989,2990],{"class":999}," \"nginx -s reload\"\n",[900,2992,2994],{"id":2993},"使用-docker","使用 Docker",[973,2996,3000],{"className":2997,"code":2998,"language":2999,"meta":11,"style":11},"language-yaml shiki shiki-themes github-light github-light github-dark","# docker-compose.yml\nversion: '3'\nservices:\n  nginx:\n    image: nginx:latest\n    ports:\n      - \"80:80\"\n      - \"443:443\"\n    volumes:\n      - .\u002Fnginx.conf:\u002Fetc\u002Fnginx\u002Fnginx.conf\n      - .\u002Fhtml:\u002Fusr\u002Fshare\u002Fnginx\u002Fhtml\n      - .\u002Fcertbot\u002Fconf:\u002Fetc\u002Fletsencrypt\n      - .\u002Fcertbot\u002Fwww:\u002Fvar\u002Fwww\u002Fcertbot\n    command: \"\u002Fbin\u002Fsh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \\\"daemon off;\\\"'\"\n  \n  certbot:\n    image: certbot\u002Fcertbot\n    volumes:\n      - .\u002Fcertbot\u002Fconf:\u002Fetc\u002Fletsencrypt\n      - .\u002Fcertbot\u002Fwww:\u002Fvar\u002Fwww\u002Fcertbot\n    entrypoint: \"\u002Fbin\u002Fsh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'\"\n","yaml",[979,3001,3002,3007,3019,3027,3034,3044,3051,3059,3066,3073,3080,3087,3094,3101,3122,3127,3134,3143,3149,3155,3161],{"__ignoreMap":11},[982,3003,3004],{"class":984,"line":985},[982,3005,3006],{"class":988},"# docker-compose.yml\n",[982,3008,3009,3013,3016],{"class":984,"line":992},[982,3010,3012],{"class":3011},"sovSZ","version",[982,3014,3015],{"class":1429},": ",[982,3017,3018],{"class":999},"'3'\n",[982,3020,3021,3024],{"class":984,"line":1013},[982,3022,3023],{"class":3011},"services",[982,3025,3026],{"class":1429},":\n",[982,3028,3029,3032],{"class":984,"line":1020},[982,3030,3031],{"class":3011},"  nginx",[982,3033,3026],{"class":1429},[982,3035,3036,3039,3041],{"class":984,"line":1026},[982,3037,3038],{"class":3011},"    image",[982,3040,3015],{"class":1429},[982,3042,3043],{"class":999},"nginx:latest\n",[982,3045,3046,3049],{"class":984,"line":1047},[982,3047,3048],{"class":3011},"    ports",[982,3050,3026],{"class":1429},[982,3052,3053,3056],{"class":984,"line":1052},[982,3054,3055],{"class":1429},"      - ",[982,3057,3058],{"class":999},"\"80:80\"\n",[982,3060,3061,3063],{"class":984,"line":1058},[982,3062,3055],{"class":1429},[982,3064,3065],{"class":999},"\"443:443\"\n",[982,3067,3068,3071],{"class":984,"line":1091},[982,3069,3070],{"class":3011},"    volumes",[982,3072,3026],{"class":1429},[982,3074,3075,3077],{"class":984,"line":1096},[982,3076,3055],{"class":1429},[982,3078,3079],{"class":999},".\u002Fnginx.conf:\u002Fetc\u002Fnginx\u002Fnginx.conf\n",[982,3081,3082,3084],{"class":984,"line":1102},[982,3083,3055],{"class":1429},[982,3085,3086],{"class":999},".\u002Fhtml:\u002Fusr\u002Fshare\u002Fnginx\u002Fhtml\n",[982,3088,3089,3091],{"class":984,"line":1128},[982,3090,3055],{"class":1429},[982,3092,3093],{"class":999},".\u002Fcertbot\u002Fconf:\u002Fetc\u002Fletsencrypt\n",[982,3095,3096,3098],{"class":984,"line":1139},[982,3097,3055],{"class":1429},[982,3099,3100],{"class":999},".\u002Fcertbot\u002Fwww:\u002Fvar\u002Fwww\u002Fcertbot\n",[982,3102,3103,3106,3108,3111,3114,3117,3119],{"class":984,"line":1150},[982,3104,3105],{"class":3011},"    command",[982,3107,3015],{"class":1429},[982,3109,3110],{"class":999},"\"\u002Fbin\u002Fsh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g ",[982,3112,3113],{"class":1003},"\\\"",[982,3115,3116],{"class":999},"daemon off;",[982,3118,3113],{"class":1003},[982,3120,3121],{"class":999},"'\"\n",[982,3123,3124],{"class":984,"line":1532},[982,3125,3126],{"class":1429},"  \n",[982,3128,3129,3132],{"class":984,"line":1538},[982,3130,3131],{"class":3011},"  certbot",[982,3133,3026],{"class":1429},[982,3135,3136,3138,3140],{"class":984,"line":1543},[982,3137,3038],{"class":3011},[982,3139,3015],{"class":1429},[982,3141,3142],{"class":999},"certbot\u002Fcertbot\n",[982,3144,3145,3147],{"class":984,"line":1549},[982,3146,3070],{"class":3011},[982,3148,3026],{"class":1429},[982,3150,3151,3153],{"class":984,"line":1556},[982,3152,3055],{"class":1429},[982,3154,3093],{"class":999},[982,3156,3157,3159],{"class":984,"line":1566},[982,3158,3055],{"class":1429},[982,3160,3100],{"class":999},[982,3162,3163,3166,3168],{"class":984,"line":1573},[982,3164,3165],{"class":3011},"    entrypoint",[982,3167,3015],{"class":1429},[982,3169,3170],{"class":999},"\"\u002Fbin\u002Fsh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'\"\n",[892,3172,3174],{"id":3173},"ssl-测试","SSL 测试",[900,3176,3177],{"id":3177},"在线测试",[2257,3179,3180,3190],{},[2260,3181,3182,3189],{},[3183,3184,3188],"a",{"href":3185,"rel":3186},"https:\u002F\u002Fwww.ssllabs.com\u002Fssltest\u002F",[3187],"nofollow","SSL Labs","：全面的 SSL 安全评估",[2260,3191,3192,3197],{},[3183,3193,3196],{"href":3194,"rel":3195},"https:\u002F\u002Fsecurityheaders.com\u002F",[3187],"Security Headers","：安全头检测",[900,3199,3200],{"id":3200},"命令行测试",[973,3202,3204],{"className":975,"code":3203,"language":977,"meta":11,"style":11},"# 测试 SSL 连接\nopenssl s_client -connect example.com:443 -servername example.com\n\n# 查看证书信息\nopenssl s_client -connect example.com:443 -servername example.com 2>\u002Fdev\u002Fnull | openssl x509 -text\n\n# 检查证书有效期\necho | openssl s_client -connect example.com:443 -servername example.com 2>\u002Fdev\u002Fnull | openssl x509 -noout -dates\n\n# 测试特定协议\nopenssl s_client -connect example.com:443 -tls1_2\nopenssl s_client -connect example.com:443 -tls1_3\n",[979,3205,3206,3211,3229,3233,3238,3268,3272,3277,3312,3316,3321,3334],{"__ignoreMap":11},[982,3207,3208],{"class":984,"line":985},[982,3209,3210],{"class":988},"# 测试 SSL 连接\n",[982,3212,3213,3215,3218,3221,3224,3227],{"class":984,"line":992},[982,3214,996],{"class":995},[982,3216,3217],{"class":999}," s_client",[982,3219,3220],{"class":1003}," -connect",[982,3222,3223],{"class":999}," example.com:443",[982,3225,3226],{"class":1003}," -servername",[982,3228,1254],{"class":999},[982,3230,3231],{"class":984,"line":1013},[982,3232,1017],{"emptyLinePlaceholder":1016},[982,3234,3235],{"class":984,"line":1020},[982,3236,3237],{"class":988},"# 查看证书信息\n",[982,3239,3240,3242,3244,3246,3248,3250,3252,3255,3258,3261,3263,3265],{"class":984,"line":1026},[982,3241,996],{"class":995},[982,3243,3217],{"class":999},[982,3245,3220],{"class":1003},[982,3247,3223],{"class":999},[982,3249,3226],{"class":1003},[982,3251,1217],{"class":999},[982,3253,3254],{"class":1341}," 2>",[982,3256,3257],{"class":999},"\u002Fdev\u002Fnull",[982,3259,3260],{"class":1341}," |",[982,3262,2008],{"class":995},[982,3264,1063],{"class":999},[982,3266,3267],{"class":1003}," -text\n",[982,3269,3270],{"class":984,"line":1047},[982,3271,1017],{"emptyLinePlaceholder":1016},[982,3273,3274],{"class":984,"line":1052},[982,3275,3276],{"class":988},"# 检查证书有效期\n",[982,3278,3279,3282,3284,3286,3288,3290,3292,3294,3296,3298,3300,3302,3304,3306,3309],{"class":984,"line":1058},[982,3280,3281],{"class":1003},"echo",[982,3283,3260],{"class":1341},[982,3285,2008],{"class":995},[982,3287,3217],{"class":999},[982,3289,3220],{"class":1003},[982,3291,3223],{"class":999},[982,3293,3226],{"class":1003},[982,3295,1217],{"class":999},[982,3297,3254],{"class":1341},[982,3299,3257],{"class":999},[982,3301,3260],{"class":1341},[982,3303,2008],{"class":995},[982,3305,1063],{"class":999},[982,3307,3308],{"class":1003}," -noout",[982,3310,3311],{"class":1003}," -dates\n",[982,3313,3314],{"class":984,"line":1091},[982,3315,1017],{"emptyLinePlaceholder":1016},[982,3317,3318],{"class":984,"line":1096},[982,3319,3320],{"class":988},"# 测试特定协议\n",[982,3322,3323,3325,3327,3329,3331],{"class":984,"line":1102},[982,3324,996],{"class":995},[982,3326,3217],{"class":999},[982,3328,3220],{"class":1003},[982,3330,3223],{"class":999},[982,3332,3333],{"class":1003}," -tls1_2\n",[982,3335,3336,3338,3340,3342,3344],{"class":984,"line":1128},[982,3337,996],{"class":995},[982,3339,3217],{"class":999},[982,3341,3220],{"class":1003},[982,3343,3223],{"class":999},[982,3345,3346],{"class":1003}," -tls1_3\n",[892,3348,3349],{"id":3349},"完整配置示例",[973,3351,3353],{"className":1417,"code":3352,"language":1419,"meta":11,"style":11},"# HTTP 重定向\nserver {\n    listen 80;\n    server_name example.com www.example.com;\n    \n    location \u002F.well-known\u002Facme-challenge\u002F {\n        root \u002Fvar\u002Fwww\u002Fcertbot;\n    }\n    \n    location \u002F {\n        return 301 https:\u002F\u002Fexample.com$request_uri;\n    }\n}\n\n# www 重定向\nserver {\n    listen 443 ssl http2;\n    server_name www.example.com;\n    \n    include \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-example.com.conf;\n    include \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-params.conf;\n    \n    return 301 https:\u002F\u002Fexample.com$request_uri;\n}\n\n# 主站\nserver {\n    listen 443 ssl http2;\n    server_name example.com;\n    \n    include \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-example.com.conf;\n    include \u002Fetc\u002Fnginx\u002Fsnippets\u002Fssl-params.conf;\n    \n    root \u002Fvar\u002Fwww\u002Fexample.com;\n    index index.html;\n    \n    # 安全头\n    add_header X-Frame-Options \"SAMEORIGIN\" always;\n    add_header X-Content-Type-Options \"nosniff\" always;\n    \n    location \u002F {\n        try_files $uri $uri\u002F =404;\n    }\n    \n    # 静态资源缓存\n    location ~* \\.(css|js|jpg|jpeg|png|gif|ico|svg|woff|woff2)$ {\n        expires 30d;\n        add_header Cache-Control \"public, immutable\";\n    }\n    \n    # 错误页面\n    error_page 404 \u002F404.html;\n    error_page 500 502 503 504 \u002F50x.html;\n}\n",[979,3354,3355,3360,3366,3374,3380,3384,3392,3398,3402,3406,3414,3423,3427,3431,3435,3440,3446,3454,3461,3465,3471,3477,3481,3489,3493,3497,3502,3508,3516,3522,3526,3532,3538,3542,3548,3554,3558,3562,3572,3583,3588,3597,3608,3613,3618,3624,3638,3649,3663,3668,3673,3679,3691,3711],{"__ignoreMap":11},[982,3356,3357],{"class":984,"line":985},[982,3358,3359],{"class":988},"# HTTP 重定向\n",[982,3361,3362,3364],{"class":984,"line":992},[982,3363,1426],{"class":1341},[982,3365,1430],{"class":1429},[982,3367,3368,3370,3372],{"class":984,"line":1013},[982,3369,1435],{"class":1341},[982,3371,1561],{"class":1003},[982,3373,1524],{"class":1429},[982,3375,3376,3378],{"class":984,"line":1020},[982,3377,1446],{"class":1341},[982,3379,1618],{"class":1429},[982,3381,3382],{"class":984,"line":1026},[982,3383,1454],{"class":1429},[982,3385,3386,3388,3390],{"class":984,"line":1047},[982,3387,1504],{"class":1341},[982,3389,2904],{"class":995},[982,3391,1510],{"class":1429},[982,3393,3394,3396],{"class":984,"line":1052},[982,3395,2911],{"class":1341},[982,3397,2914],{"class":1429},[982,3399,3400],{"class":984,"line":1058},[982,3401,1529],{"class":1429},[982,3403,3404],{"class":984,"line":1091},[982,3405,1454],{"class":1429},[982,3407,3408,3410,3412],{"class":984,"line":1096},[982,3409,1504],{"class":1341},[982,3411,1507],{"class":995},[982,3413,1510],{"class":1429},[982,3415,3416,3418,3420],{"class":984,"line":1102},[982,3417,2940],{"class":1341},[982,3419,1579],{"class":1003},[982,3421,3422],{"class":1429}," https:\u002F\u002Fexample.com$request_uri;\n",[982,3424,3425],{"class":984,"line":1128},[982,3426,1529],{"class":1429},[982,3428,3429],{"class":984,"line":1139},[982,3430,1535],{"class":1429},[982,3432,3433],{"class":984,"line":1150},[982,3434,1017],{"emptyLinePlaceholder":1016},[982,3436,3437],{"class":984,"line":1532},[982,3438,3439],{"class":988},"# www 重定向\n",[982,3441,3442,3444],{"class":984,"line":1538},[982,3443,1426],{"class":1341},[982,3445,1430],{"class":1429},[982,3447,3448,3450,3452],{"class":984,"line":1543},[982,3449,1435],{"class":1341},[982,3451,1438],{"class":1003},[982,3453,1611],{"class":1429},[982,3455,3456,3458],{"class":984,"line":1549},[982,3457,1446],{"class":1341},[982,3459,3460],{"class":1429},"www.example.com;\n",[982,3462,3463],{"class":984,"line":1556},[982,3464,1454],{"class":1429},[982,3466,3467,3469],{"class":984,"line":1566},[982,3468,2570],{"class":1341},[982,3470,2573],{"class":1429},[982,3472,3473,3475],{"class":984,"line":1573},[982,3474,2570],{"class":1341},[982,3476,2580],{"class":1429},[982,3478,3479],{"class":984,"line":1585},[982,3480,1454],{"class":1429},[982,3482,3483,3485,3487],{"class":984,"line":1751},[982,3484,1576],{"class":1341},[982,3486,1579],{"class":1003},[982,3488,3422],{"class":1429},[982,3490,3491],{"class":984,"line":1766},[982,3492,1535],{"class":1429},[982,3494,3495],{"class":984,"line":1777},[982,3496,1017],{"emptyLinePlaceholder":1016},[982,3498,3499],{"class":984,"line":1782},[982,3500,3501],{"class":988},"# 主站\n",[982,3503,3504,3506],{"class":984,"line":1788},[982,3505,1426],{"class":1341},[982,3507,1430],{"class":1429},[982,3509,3510,3512,3514],{"class":984,"line":1803},[982,3511,1435],{"class":1341},[982,3513,1438],{"class":1003},[982,3515,1611],{"class":1429},[982,3517,3518,3520],{"class":984,"line":1816},[982,3519,1446],{"class":1341},[982,3521,1449],{"class":1429},[982,3523,3524],{"class":984,"line":1829},[982,3525,1454],{"class":1429},[982,3527,3528,3530],{"class":984,"line":1842},[982,3529,2570],{"class":1341},[982,3531,2573],{"class":1429},[982,3533,3534,3536],{"class":984,"line":1847},[982,3535,2570],{"class":1341},[982,3537,2580],{"class":1429},[982,3539,3540],{"class":984,"line":1855},[982,3541,1454],{"class":1429},[982,3543,3544,3546],{"class":984,"line":1862},[982,3545,1484],{"class":1341},[982,3547,1852],{"class":1429},[982,3549,3550,3552],{"class":984,"line":1867},[982,3551,1492],{"class":1341},[982,3553,1495],{"class":1429},[982,3555,3556],{"class":984,"line":1876},[982,3557,1454],{"class":1429},[982,3559,3560],{"class":984,"line":1887},[982,3561,1785],{"class":988},[982,3563,3564,3566,3568,3570],{"class":984,"line":1892},[982,3565,1791],{"class":1341},[982,3567,1808],{"class":1429},[982,3569,1811],{"class":999},[982,3571,1800],{"class":1429},[982,3573,3575,3577,3579,3581],{"class":984,"line":3574},39,[982,3576,1791],{"class":1341},[982,3578,1821],{"class":1429},[982,3580,1824],{"class":999},[982,3582,1800],{"class":1429},[982,3584,3586],{"class":984,"line":3585},40,[982,3587,1454],{"class":1429},[982,3589,3591,3593,3595],{"class":984,"line":3590},41,[982,3592,1504],{"class":1341},[982,3594,1507],{"class":995},[982,3596,1510],{"class":1429},[982,3598,3600,3602,3604,3606],{"class":984,"line":3599},42,[982,3601,1515],{"class":1341},[982,3603,1518],{"class":1429},[982,3605,1521],{"class":1003},[982,3607,1524],{"class":1429},[982,3609,3611],{"class":984,"line":3610},43,[982,3612,1529],{"class":1429},[982,3614,3616],{"class":984,"line":3615},44,[982,3617,1454],{"class":1429},[982,3619,3621],{"class":984,"line":3620},45,[982,3622,3623],{"class":988},"    # 静态资源缓存\n",[982,3625,3627,3629,3632,3636],{"class":984,"line":3626},46,[982,3628,1504],{"class":1341},[982,3630,3631],{"class":1341}," ~*",[982,3633,3635],{"class":3634},"s3JiQ"," \\.(css|js|jpg|jpeg|png|gif|ico|svg|woff|woff2)$ ",[982,3637,1510],{"class":1429},[982,3639,3641,3644,3647],{"class":984,"line":3640},47,[982,3642,3643],{"class":1341},"        expires ",[982,3645,3646],{"class":1003},"30d",[982,3648,1524],{"class":1429},[982,3650,3652,3655,3658,3661],{"class":984,"line":3651},48,[982,3653,3654],{"class":1341},"        add_header ",[982,3656,3657],{"class":1429},"Cache-Control ",[982,3659,3660],{"class":999},"\"public, immutable\"",[982,3662,1524],{"class":1429},[982,3664,3666],{"class":984,"line":3665},49,[982,3667,1529],{"class":1429},[982,3669,3671],{"class":984,"line":3670},50,[982,3672,1454],{"class":1429},[982,3674,3676],{"class":984,"line":3675},51,[982,3677,3678],{"class":988},"    # 错误页面\n",[982,3680,3682,3685,3688],{"class":984,"line":3681},52,[982,3683,3684],{"class":1341},"    error_page ",[982,3686,3687],{"class":1003},"404",[982,3689,3690],{"class":1429}," \u002F404.html;\n",[982,3692,3694,3696,3699,3702,3705,3708],{"class":984,"line":3693},53,[982,3695,3684],{"class":1341},[982,3697,3698],{"class":1003},"500",[982,3700,3701],{"class":1003}," 502",[982,3703,3704],{"class":1003}," 503",[982,3706,3707],{"class":1003}," 504",[982,3709,3710],{"class":1429}," \u002F50x.html;\n",[982,3712,3714],{"class":984,"line":3713},54,[982,3715,1535],{"class":1429},[892,3717,3718],{"id":3718},"总结",[905,3720,3721,3731],{},[908,3722,3723],{},[911,3724,3725,3728],{},[914,3726,3727],{"align":916},"配置项",[914,3729,3730],{"align":916},"推荐值",[922,3732,3733,3741,3748,3755,3762,3770],{},[911,3734,3735,3738],{},[927,3736,3737],{"align":916},"SSL 协议",[927,3739,3740],{"align":916},"TLSv1.2 TLSv1.3",[911,3742,3743,3745],{},[927,3744,2021],{"align":916},[927,3746,3747],{"align":916},"shared:SSL:10m",[911,3749,3750,3753],{},[927,3751,3752],{"align":916},"会话超时",[927,3754,1701],{"align":916},[911,3756,3757,3759],{},[927,3758,2082],{"align":916},[927,3760,3761],{"align":916},"开启",[911,3763,3764,3767],{},[927,3765,3766],{"align":916},"HSTS max-age",[927,3768,3769],{"align":916},"31536000（1 年）",[911,3771,3772,3775],{},[927,3773,3774],{"align":916},"HTTP\u002F2",[927,3776,3777],{"align":916},"推荐开启",[2220,3779,3781],{"title":3780},"最佳实践","\n1. 使用 Let's Encrypt 获取免费证书\n2. 配置 HTTP 到 HTTPS 的自动重定向\n3. 启用 HTTP\u002F2 提升性能\n4. 配置 HSTS 增强安全性\n5. 定期检查证书有效期\n6. 使用 SSL Labs 测试配置\n",[3783,3784,3785],"style",{},"html pre.shiki code .sCsY4, html code.shiki .sCsY4{--shiki-light:#6A737D;--shiki-default:#6A737D;--shiki-dark:#6A737D}html pre.shiki code .snPdu, html code.shiki .snPdu{--shiki-light:#6F42C1;--shiki-default:#6F42C1;--shiki-dark:#B392F0}html pre.shiki code .sIIMD, html code.shiki .sIIMD{--shiki-light:#032F62;--shiki-default:#032F62;--shiki-dark:#9ECBFF}html pre.shiki code .sBjJW, html code.shiki .sBjJW{--shiki-light:#005CC5;--shiki-default:#005CC5;--shiki-dark:#79B8FF}html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html pre.shiki code .s8jYJ, html code.shiki .s8jYJ{--shiki-light:#D73A49;--shiki-default:#D73A49;--shiki-dark:#F97583}html pre.shiki code .sovSZ, html code.shiki .sovSZ{--shiki-light:#22863A;--shiki-default:#22863A;--shiki-dark:#85E89D}html pre.shiki code .sxrX7, html code.shiki .sxrX7{--shiki-light:#24292E;--shiki-default:#24292E;--shiki-dark:#E1E4E8}html pre.shiki code .s3JiQ, html code.shiki .s3JiQ{--shiki-light:#032F62;--shiki-default:#032F62;--shiki-dark:#DBEDFF}",{"title":11,"searchDepth":992,"depth":992,"links":3787},[3788,3791,3796,3800,3806,3807,3811,3812,3817,3822,3826,3827],{"id":894,"depth":992,"text":894,"children":3789},[3790],{"id":902,"depth":1013,"text":903},{"id":967,"depth":992,"text":967,"children":3792},[3793,3794,3795],{"id":970,"depth":1013,"text":971},{"id":1159,"depth":1013,"text":1160},{"id":1311,"depth":1013,"text":1311},{"id":1410,"depth":992,"text":1410,"children":3797},[3798,3799],{"id":1413,"depth":1013,"text":1414},{"id":1590,"depth":1013,"text":1591},{"id":1897,"depth":992,"text":1898,"children":3801},[3802,3803,3804,3805],{"id":1901,"depth":1013,"text":1901},{"id":1935,"depth":1013,"text":1935},{"id":2021,"depth":1013,"text":2021},{"id":2081,"depth":1013,"text":2082},{"id":2147,"depth":992,"text":2148},{"id":2226,"depth":992,"text":2226,"children":3808},[3809,3810],{"id":2229,"depth":1013,"text":2230},{"id":2280,"depth":1013,"text":2280},{"id":2404,"depth":992,"text":2404},{"id":2602,"depth":992,"text":2602,"children":3813},[3814,3815,3816],{"id":2605,"depth":1013,"text":2605},{"id":2669,"depth":1013,"text":2669},{"id":2733,"depth":1013,"text":2734},{"id":2858,"depth":992,"text":2859,"children":3818},[3819,3820,3821],{"id":2862,"depth":1013,"text":2863},{"id":2955,"depth":1013,"text":2955},{"id":2993,"depth":1013,"text":2994},{"id":3173,"depth":992,"text":3174,"children":3823},[3824,3825],{"id":3177,"depth":1013,"text":3177},{"id":3200,"depth":1013,"text":3200},{"id":3349,"depth":992,"text":3349},{"id":3718,"depth":992,"text":3718},"md",{},{"title":693,"description":11},"tutorials\u002Fcloud\u002Fnginx\u002Fnginx-https","F6xnMdyiljb_JgTTJtB68Uj7XXjeQqYT_Z2yblYCBrQ",1775496417600]