13.0 Introduction
The internet can be a scary place, but it doesn’t have to be. Encryp‐
tion for information in transit has become easier and more attaina‐
ble in that signed certificates have become less costly with the advent
of Let’s Encrypt and Amazon Web Services. Both offer free certifi‐
cates with limited usage. With free signed certificates, there’s little
standing in the way of protecting sensitive information. While not
all certificates are created equal, any protection is better than none.
In this chapter, we discuss how to secure information between
NGINX and the client, as well as NGINX and upstream services.
13.0 介绍
虽然总体上互联网环境危机四伏,但并非没有解决方法。随着 Let's 加密和 Amazon
Web 服务的出现,在传输中传输对信息加密变得更加容易,也更容易实现。这两个
服务都提供免费的证书可供开发这使用。这些免费证书,使用户敏感信息保护不再
成为技术障碍。然并非所有的证书在保护敏感信息的能力都是相同的,不过启用总比
不用强。本章将学习客户端与 NGINX 数据加密和 NGINX 服务器与代理服务(upstream
services)的数据加密解决方案。