From 9dc0e4fb6e43430f78793e4e23c0ce4577639c70 Mon Sep 17 00:00:00 2001
From: hotwa <pylyzeng@gmail.com>
Date: Mon, 19 Feb 2024 18:17:40 +0800
Subject: [PATCH] =?UTF-8?q?=E8=87=AA=E5=BB=BA=E8=AF=81=E4=B9=A6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md            | 16 ++++++++++++++++
 dhparam.pem          |  8 ++++++++
 nginx-selfsigned.crt | 21 +++++++++++++++++++++
 nginx-selfsigned.key | 28 ++++++++++++++++++++++++++++
 4 files changed, 73 insertions(+)
 create mode 100644 dhparam.pem
 create mode 100644 nginx-selfsigned.crt
 create mode 100644 nginx-selfsigned.key

diff --git a/README.md b/README.md
index 2a73708..fe34176 100644
--- a/README.md
+++ b/README.md
@@ -156,4 +156,20 @@ docker build --no-cache \
   -t mojosdk:latest \
   -f mojo/examples/docker/Dockerfile.mojosdk .
 docker buildx build --build-arg AUTH_KEY=mut_efe460b898e3482bb6208bfcd4a51d7e -t hotwa/notebook:latest . -f Dockerfile.base-notebook --load
+```
+
+
+## 自建证书
+
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout nginx-selfsigned.key -out nginx-selfsigned.crt
+openssl dhparam -out dhparam.pem 2048
+
+这将会在当前目录生成私钥nginx-selfsigned.key，自签名证书nginx-selfsigned.crt，以及Diffie-Hellman参数dhparam.pem。
+
+然后，在您的nginx.conf中，您需要使用这些文件：
+
+```shell
+ssl_certificate /path/to/nginx-selfsigned.crt;
+ssl_certificate_key /path/to/nginx-selfsigned.key;
+ssl_dhparam /path/to/dhparam.pem;
 ```
\ No newline at end of file
diff --git a/dhparam.pem b/dhparam.pem
new file mode 100644
index 0000000..54d8c8f
--- /dev/null
+++ b/dhparam.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA8Bx3RfPIhY09yp1EU6O529MsAm5oqm0zxGeTs3tJvJs/WL4tswOM
+44HVtkdoqbVZEVSfiowFniaBbbDcqrtD7XmkTJV4//0qz/3iw8fQjEXDX3d0oCVS
+PiqZF8or2rqAm+VhGKoMsDpAdJbnvvxpBqYmVyjvNZgyuAbLV3P8h6MiphKhahwx
+ZZhihx1wNWiCZmTcJtEVjYhl4BdShrxJHgKb78iCNPbFPe1AFhhOphcOc2qVivkS
+ugZXOuTkPPGGTBBZPTE+OnvScmj6Hl+g3LL1QYEF0daugyeFeyuMeCSMmhDth/rC
+Iu4GBjuTuHcEWUhGjWrP4mU0sypaoWF7/wIBAg==
+-----END DH PARAMETERS-----
diff --git a/nginx-selfsigned.crt b/nginx-selfsigned.crt
new file mode 100644
index 0000000..e33294f
--- /dev/null
+++ b/nginx-selfsigned.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDazCCAlOgAwIBAgIUFDnkUzpWoEsPQQTp8R5u5Lb0fP0wDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDAyMTkwODI2MjZaFw0yNTAy
+MTgwODI2MjZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC0hnNsQ4dAUh3bN8kx0oduwyYyQY82mdvs3SvsnfRd
+jF3ZoRaHinRqg6RLbCUuk/vR/UlWtjxkcuXlBf8iUG2nt/1lEFuf/1julIUWBLIl
+toA+Y9v3Lw2YrHI0p+wOqQthCEOvTSRHy28XVfagcU/cXqmSs1VGAez6xqvv41GB
+W3eVK80cKESfNLEx5E6rbxoGW0GmsxjR2itXvw0FaB1y+sfiOFQRmqaF8NtTzhRW
+oxSU3o0wHEgbHtJ5BQjwXFudb7YyLjtnJyqQStEeNeTL15nDEYmQ0qrDGcJKJMPT
+SgarG4FW8lL3gCnouHvVFuXT4J7k51fbCsh3Gt8TYZ0ZAgMBAAGjUzBRMB0GA1Ud
+DgQWBBQqp/OYrkSCHqG5KmOAQ/D6uMSz3DAfBgNVHSMEGDAWgBQqp/OYrkSCHqG5
+KmOAQ/D6uMSz3DAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBO
+Xt+v48KoAh8j7gVyjCsWeVD2YuxmqXpCFngkpold88Ws+yZC+rMfD2Ch0u7aRfyA
+sn8qUAG6EJawRsAonv1bPOa0bWyx38GAkF8/TX3pEitZVwVIaalV5Sk62qBAI6me
+t6lwFI1c/SDwRt+0TjFaS+J68emizRornmK1jTbdvVabynhGNanvDzYVjleNlCLv
+KiW09DN2D7uylW5vlhebX6RyFvHYsGMCn/TRTf3plPXugke7j4L5RTnE5kN+uEQf
+yowCiLtCWbautS5dz+ub0Yb3n1qhbjkzwOmQOH/PrPiNOl1nWf14f7kP5+ZjTmgJ
+TI1sBCrmOa3sSZynt1UJ
+-----END CERTIFICATE-----
diff --git a/nginx-selfsigned.key b/nginx-selfsigned.key
new file mode 100644
index 0000000..3496e05
--- /dev/null
+++ b/nginx-selfsigned.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC0hnNsQ4dAUh3b
+N8kx0oduwyYyQY82mdvs3SvsnfRdjF3ZoRaHinRqg6RLbCUuk/vR/UlWtjxkcuXl
+Bf8iUG2nt/1lEFuf/1julIUWBLIltoA+Y9v3Lw2YrHI0p+wOqQthCEOvTSRHy28X
+VfagcU/cXqmSs1VGAez6xqvv41GBW3eVK80cKESfNLEx5E6rbxoGW0GmsxjR2itX
+vw0FaB1y+sfiOFQRmqaF8NtTzhRWoxSU3o0wHEgbHtJ5BQjwXFudb7YyLjtnJyqQ
+StEeNeTL15nDEYmQ0qrDGcJKJMPTSgarG4FW8lL3gCnouHvVFuXT4J7k51fbCsh3
+Gt8TYZ0ZAgMBAAECggEAHkWYh9xYCxFqF8dmSeBFnS2E03MabpvE3RamhbZkEqbV
+2wdwBXkSdgUOsSYYoxOmK+unF28WN/rrcaj8hFbL2I7aI08nqjARy+okWhGeBQRy
+Q2QP8AaYJ1StjwZkp32x3orZ/MS5E3/56EYeRf/SVkAae/LuFv/+KvxTOzYZhhEV
+Y15h8woMKG+jbKc92QoR1g0BWccK/ywKvXY2uRfoZevbplxzmAKdCKQ/RXXw0Zuo
+PcqQdaJMISatikO5DbcVfQegJ2c9X/NBwphl9xx/ROvqWrQW+faXf4bVLDi+uSuK
+D2ymMhHehAI4dYaKh1hLldC/2H+EqnVK1PkNMrsOrQKBgQC56K9rIh9K48R+TS+G
+2VFw0qxH5Fp48XruuO05EB/wTh6bUeIxmCcPDy9EuG8UuxMrPD3k+HM167uj4Nss
+zHp079gxjbLymTmHqx2itFiT+vPljWCNh75wcbVrJnw9YV6ddcaRupxa4rePWEHv
+QGcvGQJKOnyYvtN2cDWI8eNyDQKBgQD4liVh2zF8WylLNjifBpIuvv5k+5DMaRAX
+Fk88LRSpMNnI5LrWacUBMnw+KLAKA2jHxjiDdEW7StC2u/X/xTvjePMaC+fQADlE
+uCINDMNrvwkqp0DFYq9vBk/mlE5n91mMKZejBPGb3IKpuScStnqjmMlomBldFPvx
+JSEAS8EwPQKBgF8CeKviy2VFlAUMQ07CP2nOcPdoz4fhuXbJEYtJH1l7Qw8TwOqh
+nMyIcRrIuxQ4Kyq8ZdFf29lhuQqefsSdV7PtY2qnxR1Qi2M3YzTkwCQYa48UOpT6
+G6xxoEq7Z2EjIuyL5UhSu1eDaFYcv82a92DNgisXStfxJjbwT5vGKvv9AoGBAMbc
+9pLOE0x0cRhmC+3MB+21hTWrui6Mbf7KLiDpv3mKRu9ba8xTWPKYPKRNUGbyS0Rl
+4pfm0FIAi+9jdmxikIJtI61WkN/pDedXloXyC/OKI/8nRb2iMM4Usp63TfIGAnEK
+ZPBY6B/TzAOSxxtFN97gP1+ZLdE1FEfZeAkQkT/RAoGBALiwWk5NaOqLe5N1oIpr
+4vyVdqIiaA3OEKtp4WIP85g97bisawpiYzwNErJi/idrJ0waZCL/UzQhS9dShwy/
+YkanEDKhBQ7h+kHwTVrqF5b9d1jqebqjPVMv71V+i7GMdrSYoJrtOf6FFl7kYkgf
+TtziAAygzC3tDuoXprlT0BdO
+-----END PRIVATE KEY-----