{"id":3672,"date":"2025-04-28T10:36:07","date_gmt":"2025-04-28T02:36:07","guid":{"rendered":"https:\/\/nj.transwarp.cn:8180\/?p=3672"},"modified":"2025-04-28T10:36:07","modified_gmt":"2025-04-28T02:36:07","slug":"ssl-tls-%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9e%ac%e6%97%b6-diffie-hellman-%e5%85%ac%e5%85%b1%e5%af%86%e9%92%a5%e8%bf%87%e5%bc%b1%e3%80%90%e5%8e%9f%e7%90%86%e6%89%ab%e6%8f%8f%e3%80%91%e4%bf%ae%e5%a4%8d","status":"publish","type":"post","link":"https:\/\/kbwp.transwarp.cn\/?p=3672","title":{"rendered":"SSL\/TLS \u670d\u52a1\u5668\u77ac\u65f6 Diffie-Hellman \u516c\u5171\u5bc6\u94a5\u8fc7\u5f31\u3010\u539f\u7406\u626b\u63cf\u3011\u4fee\u590d"},"content":{"rendered":"<h3>\u6982\u8981\u63cf\u8ff0<\/h3>\n<p>\u672c\u6587\u63cf\u8ff0\u5b89\u88c5DBAService\u540e\uff0cDBAService\u76f8\u5173\u7aef\u53e3\u88ab\u626b\u63cf\u51fa\u6f0f\u6d1e\uff1a\u201cSSL\/TLS \u670d\u52a1\u5668\u77ac\u65f6 Diffie-Hellman \u516c\u5171\u5bc6\u94a5\u8fc7\u5f31\u3010\u539f\u7406\u626b\u63cf\u3011\u201d\u7684\u4fee\u590d\u65b9\u6cd5<\/p>\n<h3>\u8be6\u7ec6\u63cf\u8ff0<\/h3>\n<h4>1 DBAService\u90e8\u5206<\/h4>\n<h5>1 \u5907\u4efd\u9700\u8981\u4fee\u6539\u7684\u6587\u4ef6<\/h5>\n<pre><code class=\"language-shell\">cd \/var\/lib\/transwarp-manager\/master\/content\/meta\/services\/DBA_SERVICE\/transwarp-6.2.1-final\/templates\ncp aiops.yml.ftl aiops.yml.ftl.init\ncp application.yml.ftl application.yml.ftl.init<\/code><\/pre>\n<h5>2 \u4fee\u6539aiops.yml.ftl\u548capplication.yml.ftl<\/h5>\n<pre><code class=\"language-shell\">vim aiops.yml.ftl<\/code><\/pre>\n<p>\u6dfb\u52a0\uff08server.ssl.ciphers\u7684\u503c\u4e0d\u80fd\u6362\u884c\uff0c\u9700\u8981\u5728\u540c\u4e00\u884c\u5185\uff09<\/p>\n<pre><code class=\"language-shell\">server.ssl.enabledProtocols: TLSv1.2\nserver.ssl.ciphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384<\/code><\/pre>\n<p><img decoding=\"async\" src=\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2020\/07\/image-1595813485684.png\" alt=\"file\" \/><br \/>\n\u4fdd\u5b58\u9000\u51fa<\/p>\n<pre><code class=\"language-shell\">vim application.yml.ftl <\/code><\/pre>\n<p>\u5728\u4e0b\u9762\u7684\u4f4d\u7f6e\u6dfb\u52a0\u4e0a\u9762\u76f8\u540c\u7684\u5185\u5bb9<br \/>\n<img decoding=\"async\" src=\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2020\/07\/image-1595813559327.png\" alt=\"file\" \/><br \/>\n\u4fdd\u5b58\u9000\u51fa<\/p>\n<h5>3 \u91cd\u542fmanager<\/h5>\n<pre><code class=\"language-shell\">\/etc\/init.d\/transwarp-manager restart<\/code><\/pre>\n<h5>4 \u914d\u7f6e\u670d\u52a1\uff0c\u91cd\u542fDBAService<\/h5>\n<p><img decoding=\"async\" src=\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2020\/07\/image-1595813702589.png\" alt=\"file\" \/><br \/>\n<img decoding=\"async\" src=\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2020\/07\/image-1595813722653.png\" alt=\"file\" \/><\/p>\n<h4>2 CAS\u90e8\u5206<\/h4>\n<h5>1 \u5907\u4efd\u9700\u8981\u4fee\u6539\u7684\u6587\u4ef6<\/h5>\n<pre><code class=\"language-shell\">cd \/var\/lib\/transwarp-manager\/master\/content\/meta\/services\/GUARDIAN\/[guardian\u5bf9\u5e94\u7684\u7248\u672c]\/templates \ncp  cas-configuration-server-env.sh  cas-configuration-server-env.sh.backup<\/code><\/pre>\n<h5>2 \u4fee\u6539cas-configuration-server-env.sh<\/h5>\n<pre><code class=\"language-shell\">vim cas-configuration-server-env.sh<\/code><\/pre>\n<p>\u5728\u6700\u540e\u4e24\u884c\u6dfb\u52a0<\/p>\n<pre><code class=\"language-shell\">export CAS_SERVER_SSL_SECURITYENHANCED=true\nexport CAS_MGMT_SERVER_SSL_SECURITYENHANCED=true<\/code><\/pre>\n<p><img decoding=\"async\" src=\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2020\/07\/image-1595813852998.png\" alt=\"file\" \/><br \/>\n\u4fdd\u5b58\u9000\u51fa<\/p>\n<h5>3 \u91cd\u542fmanager\u670d\u52a1<\/h5>\n<pre><code class=\"language-shell\">\/etc\/init.d\/transwarp-manager restart<\/code><\/pre>\n<h5>4 \u914d\u7f6e\u670d\u52a1\u91cd\u542fguardian<\/h5>\n<p><img decoding=\"async\" src=\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2020\/07\/image-1595813930298.png\" alt=\"file\" \/><br \/>\n<img decoding=\"async\" src=\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2020\/07\/image-1595813943905.png\" alt=\"file\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6982\u8981\u63cf\u8ff0 \u672c\u6587\u63cf\u8ff0\u5b89\u88c5DBAService\u540e\uff0cDBAService\u76f8\u5173\u7aef\u53e3\u88ab\u626b\u63cf\u51fa\u6f0f\u6d1e\uff1a\u201cSSL\/TLS \u670d\u52a1 ..<\/p>\n<div class=\"clear-fix\"><\/div>\n<p><a href=\"https:\/\/kbwp.transwarp.cn\/?p=3672\" title=\"read more...\">Read more<\/a><\/p>\n","protected":false},"author":15,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3672","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"_links":{"self":[{"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=\/wp\/v2\/posts\/3672","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3672"}],"version-history":[{"count":2,"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=\/wp\/v2\/posts\/3672\/revisions"}],"predecessor-version":[{"id":16405,"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=\/wp\/v2\/posts\/3672\/revisions\/16405"}],"wp:attachment":[{"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3672"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3672"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kbwp.transwarp.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3672"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}