检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Figure 3 Checking insecure items If the web link is useless, delete it. Then check whether the insecure link is cleared successfully. If the web link is important and cannot be deleted, change the HTTP path to an HTTPS path.
Find and modify the following parameter: #SSLCertificateChainFile "${SRVROOT}/conf/server-ca.crt" Delete the comment tag # at the beginning of the line. Set this parameter to the path of the ca.crt file. The path cannot contain Chinese characters.
-- <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> --> Find the preceding parameters and delete the comment characters
MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} Delete comment tags (#) at the beginning of the lines. server { listen 443 ssl; server_name localhost
Find and modify the following parameter: #SSLCertificateChainFile "${SRVROOT}/conf/server-ca.crt" Delete the comment tag # at the beginning of the line. Set this parameter to the path of the ca.crt file. The path cannot contain Chinese characters.
MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} Delete comment tags (#) at the beginning of the lines. server { listen 443 ssl; server_name localhost
There are restrictions on the operations that the CA or certificate is allowed to perform in different states, please check the conditions of the operations: Disable CA: CA status must be in "ACTIVED" or "EXPIRED" status; Enable CA: CA status must be in "DISABLED" status; Delete CA
-- <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> --> Find the preceding parameters and delete the comment characters
Solution: Delete all CAA records from the domain name resolution record sets. Problem 5: The CA verification server does not find the DNS resolution record. Solution: The CA verification server is located outside China.
Once you purchase a test certificate, it will be counted towards the quota even if you delete it after submitting the application or revoke it after it is issued. Your account and the IAM users created under your account share the quota of the 20 test certificates.
Solution: Delete all CAA records from the domain name resolution record sets. Problem 5: The CA verification server does not find the DNS resolution record. Solution: The CA verification server is located outside China.