# frp穿透和ssl续期
## frp配置http和https,支持在通过域名访问本地服务,是开发小程序,app,公众号必备,能节省上传到服务器时间
- 准备工作
阿里云服务器一台,环境是centos或debian,已安装php环境,比如宝塔
nginx端口默认用了80,https默认是443
已备案顶级域名一个,已解析二级域名如: api.shanliwawa.top
假如服务器公网IP 9.9.9.9
本地客户端win10系统,运行php环境,端口80,服务器Apache+php,注意nginx会出错解析不了.
- 下载frp
官方 <https://github.com/fatedier/frp/releases> ,下载很慢,可以用wget命令从阿里云下载然后传回本地,速度超快,我下载的百度云链接:<https://pan.baidu.com/s/1y93ICGadhURKkT0Mz4vX3A>
提取码:a1dv
服务器端选择 64位linux frp\_0.33.0\_linux\_amd64.tar.gz
客户端选windows64位 frp\_0.33.0\_windows\_amd64.zip
- 服务器
服务器端只需要两个文件frps和frps.ini
解压到根目录下 frp文件夹 通过cd进入frp,进入目录执行,注意权限改为777
进入目录 `cd /frp`
启动命令 `nohup ./frps -c ./frps.ini &`
**服务器端管理地址 <http://9.9.9.9:7500> 默认账号密码admin**
frps.ini 配置如下,4443是通信端口,客户端也必须相同,8081是服务器端口,因为80被nginx占用了,我们要用服务器端nginx反向代理,代理配置如下
```
<pre class="calibre14">```
<span class="token2">[</span>common<span class="token2">]</span>
#通信端口
bind_port <span class="token">=</span> <span class="token3">4443</span>
#http
vhost_http_port <span class="token">=</span> <span class="token3">8081</span>
#https
vhost_https_port <span class="token">=</span> <span class="token3">8082</span>
#泛解析<span class="token2">,</span>可以解析 <span class="token">*</span><span class="token2">.</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top
subdomain_host <span class="token">=</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top
#服务器面板配置账号密码
dashboard_port <span class="token">=</span> <span class="token3">7500</span>
dashboard_user <span class="token">=</span> admin
dashboard_pwd <span class="token">=</span> admin
```
```
- nginx配置,反向代理配置,同一个服务器可以代理https和http只需要加两个server即可
```
<pre class="calibre14">```
server
<span class="token2">{</span>
listen <span class="token3">80</span><span class="token2">;</span>
server_name <span class="token">*</span><span class="token2">.</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token2">;</span>
location <span class="token">/</span> <span class="token2">{</span>
proxy_pass http<span class="token2">:</span><span class="token">/</span><span class="token">/</span><span class="token3">127.0</span><span class="token3">.0</span><span class="token3">.1</span><span class="token2">:</span><span class="token3">8081</span><span class="token2">;</span>
proxy_set_header Host $host<span class="token2">:</span><span class="token3">80</span><span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Real<span class="token">-</span>IP $remote_addr<span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Forwarded<span class="token">-</span>For $proxy_add_x_forwarded_for<span class="token2">;</span>
proxy_hide_header X<span class="token">-</span>Powered<span class="token">-</span>By<span class="token2">;</span>
<span class="token2">}</span>
<span class="token2">}</span>
server
<span class="token2">{</span>
listen <span class="token3">443</span> ssl http2<span class="token2">;</span>
server_name we7<span class="token2">.</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token2">;</span>
<span class="token5">if</span> <span class="token2">(</span>$server_port <span class="token">!</span><span class="token">~</span> <span class="token3">443</span><span class="token2">)</span><span class="token2">{</span>
rewrite <span class="token">^</span><span class="token2">(</span><span class="token">/</span><span class="token2">.</span><span class="token">*</span><span class="token2">)</span>$ https<span class="token2">:</span><span class="token">/</span><span class="token">/</span>$host$<span class="token3">1</span> permanent<span class="token2">;</span>
<span class="token2">}</span>
ssl_certificate <span class="token">/</span>www<span class="token">/</span>server<span class="token">/</span>panel<span class="token">/</span>vhost<span class="token">/</span>cert<span class="token">/</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token">/</span>fullchain<span class="token2">.</span>pem<span class="token2">;</span>
ssl_certificate_key <span class="token">/</span>www<span class="token">/</span>server<span class="token">/</span>panel<span class="token">/</span>vhost<span class="token">/</span>cert<span class="token">/</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token">/</span>privkey<span class="token2">.</span>pem<span class="token2">;</span>
ssl_protocols TLSv1 TLSv1<span class="token2">.</span><span class="token3">1</span> TLSv1<span class="token2">.</span><span class="token3">2</span> TLSv1<span class="token2">.</span><span class="token3">3</span><span class="token2">;</span>
ssl_ciphers ECDHE<span class="token">-</span>RSA<span class="token">-</span>AES128<span class="token">-</span>GCM<span class="token">-</span>SHA256<span class="token2">:</span>HIGH<span class="token2">:</span><span class="token">!</span>aNULL<span class="token2">:</span><span class="token">!</span>MD5<span class="token2">:</span><span class="token">!</span>RC4<span class="token2">:</span><span class="token">!</span>DHE<span class="token2">;</span>
ssl_prefer_server_ciphers on<span class="token2">;</span>
ssl_session_cache shared<span class="token2">:</span>SSL<span class="token2">:</span><span class="token3">10</span>m<span class="token2">;</span>
ssl_session_timeout <span class="token3">10</span>m<span class="token2">;</span>
error_page <span class="token3">497</span> https<span class="token2">:</span><span class="token">/</span><span class="token">/</span>$host$request_uri<span class="token2">;</span>
location <span class="token">/</span> <span class="token2">{</span>
proxy_ssl_server_name on<span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Real<span class="token">-</span>IP $remote_addr<span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Forwarded<span class="token">-</span>For $proxy_add_x_forwarded_for<span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Forwarded<span class="token">-</span>Proto $scheme<span class="token2">;</span>
proxy_set_header Host $host<span class="token2">;</span>
proxy_pass https<span class="token2">:</span><span class="token">/</span><span class="token">/</span>we7<span class="token2">.</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token2">:</span><span class="token3">8082</span><span class="token2">;</span>
<span class="token2">}</span>
<span class="token2">}</span>
```
```
- 客户端配置
解压到D盘frp下,通过cd 进入到frp,只需要frpc和frpc.ini,配置如下,9.9.9.9是我的阿里云IP,4443和上边对应,启动命令:
frpc -c frpc.ini
软件不能关闭,关闭就不能访问了
**客户端管理地址 <http://127.0.0.1:7400> 账号密码admin**
```
<pre class="calibre14">```
<span class="token2">[</span>common<span class="token2">]</span>
server_addr <span class="token">=</span> <span class="token3">9.9</span><span class="token3">.9</span><span class="token3">.9</span>
server_port <span class="token">=</span> <span class="token3">4443</span>
#adminUI
admin_addr <span class="token">=</span> <span class="token3">127.0</span><span class="token3">.0</span><span class="token3">.1</span>
admin_port <span class="token">=</span> <span class="token3">7400</span>
admin_user <span class="token">=</span> admin
admin_pwd <span class="token">=</span> admin
<span class="token2">[</span>web1<span class="token2">]</span>
type <span class="token">=</span> http
local_ip <span class="token">=</span> <span class="token3">127.0</span><span class="token3">.0</span><span class="token3">.1</span>
local_port <span class="token">=</span> <span class="token3">80</span>
subdomain <span class="token">=</span> home
<span class="token2">[</span>web2<span class="token2">]</span>
type <span class="token">=</span> https
local_ip <span class="token">=</span> <span class="token3">127.0</span><span class="token3">.0</span><span class="token3">.1</span>
local_port <span class="token">=</span> <span class="token3">443</span>
subdomain <span class="token">=</span>we7
```
```
- 启动vbs脚本
```
<pre class="calibre14">```
dim objShell
set objShell<span class="token">=</span>wscript<span class="token2">.</span><span class="token1">createObject</span><span class="token2">(</span><span class="token4">"WScript.Shell"</span><span class="token2">)</span>
msgbox <span class="token4">"启动frpc.exe进程成功"</span>
iReturnCode<span class="token">=</span>objShell<span class="token2">.</span><span class="token1">Run</span><span class="token2">(</span><span class="token4">"C:\app\frp\frpc.exe -c C:\app\frp\frpc.ini"</span><span class="token2">,</span><span class="token3">0</span><span class="token2">,</span>TRUE<span class="token2">)</span>
```
```
- 关闭vbs脚本
```
<pre class="calibre14">```
<span class="token1">CreateObject</span><span class="token2">(</span><span class="token4">"WScript.Shell"</span><span class="token2">)</span><span class="token2">.</span>Run <span class="token4">"taskkill /f /im frpc.exe"</span><span class="token2">,</span> <span class="token3">0</span>
msgbox <span class="token4">"关闭frpc.exe进程成功"</span>
```
```
## ssl配置
1. 登录 <https://www.sslforfree.com>,点击续期,中间一个,下载验证文件,放到本地,然后通过http方式访问;
2. 此时需要关闭本地服务器强制SSL,以及转发服务器配置文件第一个;
3. 剪切掉,然后保存,验证文件,然后下载得到三个文件;
4. 将ca\_bundle.crt复制到certificate.crt,得到两个证书;然后放到本地apache服务器;
5. 最后还需要将两个证书,部署到宝塔服务器ssl,主要是修改服务器配置文件,参考上边配置;
- 简介
- 第一章 数据库
- Mysql/mariadb
- 函数
- 基础
- 增删改索引
- 标准查询
- 高级查询
- TIDB集群mysql解决方案
- Redis
- 语言基础
- 5种数据类型
- 其他类型
- Sqlite
- 语言基础
- 常用查询
- 第二章 PHP
- 语言基础
- 第一课 流程控制和运算
- 第二课 数组
- 第三课 日期时间
- 第四课 常用函数
- 第五课 字符串
- 第六课 文件操作
- 第七课 面向对象
- 第八课 正则表达式
- 第九课 图片处理生成
- 第十课 curl/memche
- 第十一课 mysql和pdo
- 第十三课 cookie和session
- 第十四课 xml操作
- 第十五课 php5.3+新特性
- 第十六课 php7+
- 第十七课 密码安全
- 废弃函数
- php命令行
- redis应用
- 算法
- 排序算法
- 基础算法
- 无限级分类
- 自定义函数Fn
- 查找算法
- 自定义函数数据函数fn
- laravel
- 路由
- 常用语句
- 数据库
- dingo/api
- Yii2
- 控制器
- 常用类
- 数据库
- redis
- thinkphp6
- TP6文档
- TP6插件
- dedecms
- 织梦标签大全
- 数据库操作
- 内置函数和定义函数
- 织梦核心改动
- 织梦插件/底层标签开发
- PHP相关工具
- composer
- php开发环境phpenv
- Phpstorm使用
- windows编译php扩展
- PHP开源库
- 开源项目管理禅道
- sns_auth
- php-casbin权限控制
- php-jwt
- 微信SDKeasywechat
- querylist采集库
- workerman
- Box/Spout处理excel和csv
- dll扩展
- redis/memche/xdebug
- redis
- Lua
- php_xlswriter
- event
- swoole
- 常用代码库
- 微擎框架
- 第一课全局变量
- 第二课常用函数
- 第三课自定义微擎独有函数
- 第四课数据库操作
- 第五课微信端回复
- 第六课微擎高级操作
- 第八课global函数列表
- mainfest.xml详解
- js方法
- 人人商城
- 第一课model解读
- 第二课常用语句解读
- 第三课常用js解读
- 第四课附录常见问题
- 第五课附录处理报表|支付
- 常用JSON状态码
- 第三章 JavaScript
- js基础
- 浏览器对象
- 语言基础
- html5接口
- ES6新语法
- vue
- 基础语法
- 京东vueUI组件
- uniapp
- 组件开发规范
- nodejs
- 基础知识
- 安装node
- nvm不同版本node切换
- js常用标准库
- zepto/jquery
- weui
- js图标库
- elementUI
- validator表单验证
- layer弹出层
- requirejs
- wow动画
- 动画animate
- swiper4
- 百度编辑器
- flyio/axios/qs
- jquery.form
- bootstrap3
- clipboard复制
- slideout侧滑
- imagehover.css图片悬停动画
- webpack打包
- Bulma UI框架
- store 客户端存储
- lottie动画创建库
- sweetalert
- js自定义函数
- 常见JSSDK
- 微信公众号JSSDK
- 腾讯地图jssdk
- 微信小程序
- 第四章 编程语言
- markdown语言
- Dart语言
- Dart语言基础
- Flutter框架
- Lua语言
- 字符串,数组,表
- 自定义方法
- go语言
- 第1.1语言基本语法
- 第1.2流程控制
- 第1.3函数
- 第1.4结构体
- 第1.5接口
- 第1.6包
- go语言框架Gin
- CSS3语言
- CSS与CSS3
- 选择符
- 属性
- css3
- loading动画
- HTML5语言
- less
- sass
- C#
- 基础知识
- 函数
- 第五章 开发工具
- git
- nginx/apache服务器
- Linux常用操作
- crontab定时任务
- 注册表与cmd
- 阿里云ECS
- frp穿透和ssl续期
- 宝塔安装
- 树莓派
- 浏览器模拟
- 火狐/chrome常用插件
- WSL安装使用
- mac brew和终端命令
- win10相关