6

文件不清楚。如何在 localhost 中安装证书等?

force-ssl

This package causes Meteor to redirect insecure connections (HTTP) to a secure URL (HTTPS). Use this package to ensure that communication to the server is always encrypted to protect users from active spoofing attacks.

To simplify development, unencrypted connections from localhost are always accepted over HTTP.

Application bundles (meteor bundle) do not include an HTTPS server or certificate. A proxy server that terminates SSL in front of a Meteor bundle must set the standard x-forwarded-proto header for the force-ssl package to work.

Applications deployed to meteor.com subdomains with meteor deploy are automatically served via HTTPS using Meteor's certificate.
4

2 回答 2

4

我已经设置了一个 Apache 反向代理,它在 Meteor 前面终止 SSL,我也想在这里记录一下。

我在 SSL 虚拟主机的配置文件中添加了以下内容:

<VirtualHost _default_:443>
        ServerName server.domain.com

        ## SSL Engine Switch:
        # Enable/Disable SSL for this virtual host.
        SSLEngine on

        ## Proxy to port 3000 for Meteor apps
        SSLProxyEngine On
        ProxyRequests Off # Disable forward proxying
        ProxyPass / http://localhost:3000
        ProxyPassReverse / http://localhost:3000

        ## Your other SSL config directives such as certificates, etc.

</VirtualHost>
于 2013-11-18T20:58:46.463 回答
2

您不需要在 localhost 上安装证书。正如它所说的“为了简化开发,始终通过 HTTP 接受来自 localhost 的未加密连接。”这意味着您可以在不使用 SSL 和安装证书的情况下开发和测试应用程序。只需运行您的应用程序并http://localhost:3000像往常一样访问它。

如果您正在谈论为面向公众的应用程序安装证书,最好使用反向代理服务器,例如nginx并为该服务器安装证书。http://wiki.nginx.org/HttpProxyModule

于 2012-11-26T02:00:12.793 回答