php 如何在没有任何 SSL 证书的情况下将 https 重定向到 http
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6331371/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to redirect https to http without any SSL Certificate
提问by Atif Mohammed Ameenuddin
Is difficult to explain what I am seekig here.
很难解释我在这里寻求什么。
I have a website that doesn't have SSL Certificates and I am using a page as a landing page for a Facebook Application.
我有一个没有 SSL 证书的网站,我使用一个页面作为 Facebook 应用程序的登录页面。
My Problem is when someone is on a secure connection on facebook (https://) the iframe src is pointed to the same https URL of my landing page. this returns an error like this.
我的问题是当有人在 facebook (https://) 上建立安全连接时,iframe src 指向我登录页面的相同 https URL。这会返回这样的错误。
SSL connection error
Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
How do I may users redirect to http or any workaround without installing SSL Certificates?
用户如何在不安装 SSL 证书的情况下重定向到 http 或任何解决方法?
回答by Femi
There is really no way to do that: HTTPS relies on the SSL certificate being present and the SSL negotiation ocurring BEFORE any data is sent to the server. Therefore if there is no SSL cert then it won't even get to the point where you can send a redirect (as you are observing).
确实没有办法做到这一点:HTTPS 依赖于存在的 SSL 证书以及在将任何数据发送到服务器之前发生的 SSL 协商。因此,如果没有 SSL 证书,那么它甚至不会到达您可以发送重定向的地步(正如您所观察的那样)。
I'd suggest just buying the cheapest cert you can: GoDaddy has specials for $12.99 that I've used quite effectively for just this purpose (Facebook app SSL pages) and that you can have bought and ready in 15 minutes.
我建议您购买最便宜的证书:GoDaddy 有特价 12.99 美元,我已经非常有效地用于此目的(Facebook 应用程序 SSL 页面),您可以在 15 分钟内购买并准备好。
EDIT: Just use Lets Encrypt, as @xbakesx states in his comment. Completely free, no delay, accepted pretty much everywhere.
编辑:只需使用Lets Encrypt,正如@xbakesx 在他的评论中所说的那样。完全免费,没有延迟,几乎无处不在。
回答by geekuality
As an addition to Femi's comment, all Facebook Apps and Pages must support SSL from October 1st so one must prepare for it anyways.
作为 Femi 评论的补充,从 10 月 1 日起,所有 Facebook 应用程序和页面都必须支持 SSL,因此无论如何都必须为此做好准备。
回答by Daniel Dudas
I found a nice solution today to have pages with HTTPS without having a certificate.
我今天找到了一个很好的解决方案,可以在没有证书的情况下使用 HTTPS 页面。
You can use cloudflare SSL: Flexible.
This way the SSL will be between client and cloudflare server, and between cloudflare and your server will not be secure.
您可以使用CloudFlare的SSL: Flexible。这样 SSL 将在客户端和 cloudflare 服务器之间,而在 cloudflare 和您的服务器之间将不安全。
This option is only if you don't have sensitive data because the connection betweeen server and cloudflare is not encrypted
此选项仅适用于您没有敏感数据的情况,因为服务器和 cloudflare 之间的连接未加密
This is how it looks:
这是它的外观:
Check here more: https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-
在此处查看更多信息:https: //support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-
回答by Peter Rowell
If you can't prevent the initial connect from happening with HTTPS, then you (and your server) are never part of the conversation. The only two options are 1) get an SSL certificate (they are cheap), or 2) somehow get the connection to happen over HTTP.
如果您无法阻止使用 HTTPS 进行初始连接,那么您(和您的服务器)永远不会参与对话。仅有的两个选项是 1) 获得 SSL 证书(它们很便宜),或 2) 以某种方式通过 HTTP 建立连接。
