Linux cyberpanel 5.15.0-156-generic #166-Ubuntu SMP Sat Aug 9 00:02:46 UTC 2025 x86_64
LiteSpeed
: 160.191.175.3 | : 216.73.216.114
Cant Read [ /etc/named.conf ]
8.2.29
aodai6801
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
usr /
local /
lsws /
docs /
zh-CN /
[ HOME SHELL ]
Name
Size
Permission
Action
AdminGeneral_Help.html
17.4
KB
-rw-r--r--
AdminListeners_General_Help.ht...
7.75
KB
-rw-r--r--
AdminListeners_SSL_Help.html
18.71
KB
-rw-r--r--
AdminSecurity_Help.html
9.6
KB
-rw-r--r--
App_Server_Context.html
27.15
KB
-rw-r--r--
App_Server_Help.html
20.93
KB
-rw-r--r--
CGI_Context.html
19.85
KB
-rw-r--r--
CompilePHP_Help.html
8.25
KB
-rw-r--r--
Context_Help.html
7.51
KB
-rw-r--r--
ExtApp_Help.html
11.45
KB
-rw-r--r--
External_FCGI.html
22.43
KB
-rw-r--r--
External_FCGI_Auth.html
22.51
KB
-rw-r--r--
External_LB.html
6.17
KB
-rw-r--r--
External_LSAPI.html
22.51
KB
-rw-r--r--
External_PL.html
12.12
KB
-rw-r--r--
External_Servlet.html
10.26
KB
-rw-r--r--
External_WS.html
10.24
KB
-rw-r--r--
FCGI_Context.html
15.11
KB
-rw-r--r--
Java_Web_App_Context.html
21.34
KB
-rw-r--r--
LB_Context.html
15.14
KB
-rw-r--r--
LSAPI_Context.html
15.37
KB
-rw-r--r--
Listeners_General_Help.html
11.19
KB
-rw-r--r--
Listeners_SSL_Help.html
22.42
KB
-rw-r--r--
Module_Context.html
14.99
KB
-rw-r--r--
Module_Help.html
31.07
KB
-rw-r--r--
Proxy_Context.html
15.24
KB
-rw-r--r--
Real_Time_Stats_Help.html
6.64
KB
-rw-r--r--
Redirect_Context.html
14.16
KB
-rw-r--r--
Rewrite_Help.html
12.98
KB
-rw-r--r--
ScriptHandler_Help.html
8.58
KB
-rw-r--r--
ServGeneral_Help.html
34.27
KB
-rw-r--r--
ServLog_Help.html
17
KB
-rw-r--r--
ServSecurity_Help.html
50.53
KB
-rw-r--r--
ServTuning_Help.html
47.37
KB
-rw-r--r--
ServerStat_Help.html
19.61
KB
-rw-r--r--
Servlet_Context.html
15.36
KB
-rw-r--r--
Static_Context.html
27.48
KB
-rw-r--r--
Templates_Help.html
13.93
KB
-rw-r--r--
VHGeneral_Help.html
34.4
KB
-rw-r--r--
VHSSL_Help.html
22.13
KB
-rw-r--r--
VHSecurity_Help.html
23.26
KB
-rw-r--r--
VHWebSocket_Help.html
7.96
KB
-rw-r--r--
VirtualHosts_Help.html
17.26
KB
-rw-r--r--
admin.html
7.4
KB
-rw-r--r--
config.html
9.28
KB
-rw-r--r--
index.html
5.57
KB
-rw-r--r--
install.html
9.84
KB
-rw-r--r--
intro.html
8.89
KB
-rw-r--r--
license.html
40.16
KB
-rw-r--r--
security.html
8.67
KB
-rw-r--r--
webconsole.html
5.36
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : AdminListeners_SSL_Help.html
<!DOCTYPE html> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <title>OpenLiteSpeed Users' Manual - Admin Listeners SSL</title> <meta name="description" content="OpenLiteSpeed Users' Manual - Admin Listeners SSL." /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="robots" content="noindex"> <link rel="shortcut icon" href="../img/favicon.ico" /> <link rel="stylesheet" type="text/css" href="../css/hdoc.css"> </head> <body> <div class="pagewrapper clearfix"><aside class="sidetree ls-col-1-5"> <figure> <img src="img/ols_logo.svg" alt="openlitespeed logo" width="150px"/> </figure> <h2 class="ls-text-thin"> OpenLiteSpeed Web Server <a href="index.html"> Users' Manual</a> </h2> <h3 class="ls-text-muted">Version 1.8 — Rev. 5</h3> <hr/> <div> <ul> <li><a href="license.html">License</a></li> <li><a href="intro.html">Introduction</a></li> <li><a href="install.html">Installation</a></li> <li> <a href="admin.html">Administration</a> <ul class="level2"> <li><a href="ServerStat_Help.html">Service Manager</a></li> <li><a href="Real_Time_Stats_Help.html">Real-Time Stats</a></li> </ul> </li> <li><a href="security.html">Security</a></li> <li> <a href="config.html">Configuration</a> <ul class="level2"> <li><a href="ServGeneral_Help.html">Server General</a></li> <li><a href="ServLog_Help.html">Server Log</a></li> <li><a href="ServTuning_Help.html">Server Tuning</a></li> <li><a href="ServSecurity_Help.html">Server Security</a></li> <li><a href="ExtApp_Help.html">External Apps</a></li> <ul class="level3"> <li><a href="External_FCGI.html">Fast CGI App</a></li> <li><a href="External_FCGI_Auth.html">Fast CGI Authorizer</a></li> <li><a href="External_LSAPI.html">LSAPI App</a></li> <li><a href="External_Servlet.html">Servlet Engine</a></li> <li><a href="External_WS.html">Web Server</a></li> <li><a href="External_PL.html">Piped logger</a></li> <li><a href="External_LB.html">Load Balancer</a></li> </ul> <li><a href="ScriptHandler_Help.html">Script Handler</a></li> <li><a href="App_Server_Help.html">App Server Settings</a></li> <li><a href="Module_Help.html">Module Configuration</a></li> <li><a href="Listeners_General_Help.html">Listener General</a></li> <li><a href="Listeners_SSL_Help.html">Listener SSL</a></li> <li><a href="Templates_Help.html">Virtual Host Templates</a></li> <li><a href="VirtualHosts_Help.html">Virtual Host Basic</a></li> <li><a href="VHGeneral_Help.html">Virtual Host General</a></li> <li><a href="VHSecurity_Help.html">Virtual Host Security</a></li> <li><a href="VHSSL_Help.html">Virtual Host SSL</a></li> <li><a href="Rewrite_Help.html">Rewrite</a></li> <li><a href="Context_Help.html">Context</a></li> <ul class="level3"> <li><a href="Static_Context.html">Static Context</a></li> <li> <a href="Java_Web_App_Context.html">Java Web App Context</a> </li> <li><a href="Servlet_Context.html">Servlet Context</a></li> <li><a href="FCGI_Context.html">Fast CGI Context</a></li> <li><a href="LSAPI_Context.html">LSAPI Context</a></li> <li><a href="Proxy_Context.html">Proxy Context</a></li> <li><a href="CGI_Context.html">CGI Context</a></li> <li><a href="LB_Context.html">Load Balancer Context</a></li> <li><a href="Redirect_Context.html">Redirect Context</a></li> <li><a href="App_Server_Context.html">App Server Context</a></li> <li><a href="Module_Context.html">Module Handler Context</a></li> </ul> <li><a href="VHWebSocket_Help.html">Web Socket Proxy</a></li> </ul> </li> <li><a href="webconsole.html">Web Console</a> <ul class="level2"> <li><a href="AdminGeneral_Help.html">Admin Console General</a></li> <li><a href="AdminSecurity_Help.html">Admin Console Security</a></li> <li> <a href="AdminListeners_General_Help.html"> Admin Listener General </a> </li> <li> <span class="current"><a href="AdminListeners_SSL_Help.html">Admin Listener SSL</a></span> </li> </ul> </li> </ul> </div> </aside> <article class="contentwrapper ls-col-3-5 clearfix"><div class="nav-bar ls-spacer-micro-top"><div class="prev">« <a href="AdminListeners_General_Help.html">Admin Listeners General</a></div><div class="center"><a href="webconsole.html">Web Console</a></div><div class="next"> </div></div> <h1>Admin Listeners SSL</h1><section class="ls-spacer-small-bottom">Admin Listeners are dedicated to the Admin Server. Secure (SSL) listeners are recommended for the Admin Server.</section> <h2 id="top">Table of Contents</h2><section class="toc"><section class="toc-row"><header><a href="#sslCert">SSL私钥和证书</a></header><p> <a href="#keyFile">私钥文件</a> | <a href="#certFile">证书文件</a> | <a href="#certChain">证书链</a> | <a href="#CACertPath">CA证书路径</a> | <a href="#CACertFile">CA证书文件</a></p></section> <section class="toc-row"><header>SSL协议</header><p> <a href="#sslProtocol">Protocol Version</a> | <a href="#ciphers">密码套件</a> | <a href="#enableECDHE">启用ECDH密钥交换</a> | <a href="#enableDHE">启用DH密钥交换</a> | <a href="#DHParam">DH参数</a></p></section> <section class="toc-row"><header>Security & Features</header><p> <a href="#renegProtection">SSL密钥重新协商保护</a> | <a href="#sslSessionCache">启用SSL会话缓存</a> | <a href="#sslSessionTickets">启用会话记录单</a> | <a href="#enableSpdy">启用 SPDY/HTTP2/HTTP3</a> | <a href="#allowQuic">打开HTTP3/QUIC (UDP) 端口</a></p></section> <section class="toc-row"><header>Client Verification</header><p> <a href="#clientVerify">Client Verification</a> | <a href="#verifyDepth">验证深度</a> | <a href="#crlPath">客户端吊销路径</a> | <a href="#crlFile">客户端吊销文件</a></p></section> </section> <section><div class="helpitem"><article class="ls-helpitem"><div><header id="sslCert"><h3>SSL私钥和证书<span class="ls-permlink"><a href="#sslCert"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>每个SSL侦听器都需要成对的SSL私钥和SSL证书。 多个SSL侦听器可以共享相同的密钥和证书。<br/> 您可以使用SSL软件包自行生成SSL私钥, 例如OpenSSL。 SSL证书也可以从授权证书颁发机构(如VeriSign或Thawte)购买。 您也可以自己签署证书。 自签名证书将不受Web浏览器的信任,并且不应在公共网站上使用。 但是,自签名证书足以供内部使用,例如 用于加密到LiteSpeed Web服务器的WebAdmin控制台的流量。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="keyFile"><h3>私钥文件<span class="ls-permlink"><a href="#keyFile"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>SSL私钥文件的文件名。 密钥文件不应被加密。</p> <h4>Syntax</h4><p>文件名可以是绝对路径,也可以是相对于$SERVER_ROOT的相对路径。</p> <h4>提示</h4><p>[安全建议] 私钥文件应放在一个安全的目录中,该目录应 允许对运行服务器的用户具有只读的访问权限。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="certFile"><h3>证书文件<span class="ls-permlink"><a href="#certFile"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>SSL证书文件的文件名。</p> <h4>Syntax</h4><p>文件名可以是绝对路径,也可以是相对于$SERVER_ROOT的相对路径。</p> <h4>提示</h4><p>[安全建议] 私钥文件应放在一个安全的目录中,该目录应 允许对运行服务器的用户具有只读的访问权限。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="certChain"><h3>证书链<span class="ls-permlink"><a href="#certChain"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>指定证书是否为证书链。 存储证书链的文件必须为PEM格式, 并且证书必须按照从最低级别(实际的客户端或服务器证书)到最高级别(Root)CA的链接顺序。</p> <h4>Syntax</h4><p>从单选框选择</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="CACertPath"><h3>CA证书路径<span class="ls-permlink"><a href="#CACertPath"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>指定证书颁发机构(CA)证书的目录。 这些证书用于客户端证书身份验证和构建服务器证书链,除了服务器证书之外,这些证书还将发送到浏览器。</p> <h4>Syntax</h4><p>path</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="CACertFile"><h3>CA证书文件<span class="ls-permlink"><a href="#CACertFile"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>指定包含证书颁发机构(CA)证书的证书链文件。 按照优先顺序,此文件只是PEM编码的证书文件的串联。 这可以用作替代或 除了<span class="tagl"><a href="#CACertPath">CA证书路径</a></span>。 这些证书用于客户端证书身份验证和构建服务器证书链,除了服务器证书之外,这些证书还将发送到浏览器。</p> <h4>Syntax</h4><p>文件名可以是绝对路径,也可以是相对于$SERVER_ROOT的相对路径。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslProtocol"><h3>Protocol Version<span class="ls-permlink"><a href="#sslProtocol"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>A selection of SSL protocols accepted by the listener.<br/><br/> Options include: <span class="val">SSL v3.0</span>, <span class="val">TLS v1.0</span>, <span class="val">TLS v1.1</span>, <span class="val">TLS v1.2</span>, <span class="val">TLS v1.3</span>.</p> <h4>Syntax</h4><p>从复选框中选择</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="ciphers"><h3>密码套件<span class="ls-permlink"><a href="#ciphers"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>Specifies the cipher suite to be used when negotiating the SSL handshake. LSWS supports cipher suites implemented in SSL v3.0, TLS v1.0, TLS v1.2, and TLS v1.3.</p> <h4>Syntax</h4><p>Colon-separated string of cipher specifications.</p> <h4>例子</h4><div class="ls-example">ECDHE-RSA-AES128-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH</div><h4>提示</h4><p><span title="Security" class="ls-icon-security"></span> We recommend leaving this field blank to use our default cipher which follows SSL cipher best practices.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="enableECDHE"><h3>启用ECDH密钥交换<span class="ls-permlink"><a href="#enableECDHE"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>允许使用Diffie-Hellman密钥交换进行进一步的SSL加密。</p> <h4>Syntax</h4><p>从单选框选择</p> <h4>提示</h4><p>[安全建议] ECDH密钥交换比仅使用RSA密钥更安全。 ECDH和DH密钥交换安全性相同。<br/><br/> [性能] 启用ECDH密钥交换会增加CPU负载,并且比仅使用RSA密钥要慢。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="enableDHE"><h3>启用DH密钥交换<span class="ls-permlink"><a href="#enableDHE"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>允许使用Diffie-Hellman密钥交换进行进一步的SSL加密。</p> <h4>Syntax</h4><p>从单选框选择</p> <h4>提示</h4><p>[安全建议] DH密钥交换比仅使用RSA密钥更安全。 ECDH和DH密钥安全性相同。<br/><br/> [x性能] 启用DH密钥交换将增加CPU负载,并且比ECDH密钥交换和RSA都慢。 如果可用,则首选ECDH密钥交换。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="DHParam"><h3>DH参数<span class="ls-permlink"><a href="#DHParam"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>指定DH密钥交换所需的Diffie-Hellman参数文件的位置。</p> <h4>Syntax</h4><p>文件名可以是绝对路径,也可以是相对于$SERVER_ROOT的相对路径。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="renegProtection"><h3>SSL密钥重新协商保护<span class="ls-permlink"><a href="#renegProtection"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>指定是否启用SSL密钥重新协商保护以 防御基于SSL握手的攻击。 默认值为“是”。</p> <h4>Syntax</h4><p>从单选框选择</p> <h4>提示</h4><p><span title="Information" class="ls-icon-info"></span> 可以在侦听器和虚拟主机级别启用此设置。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslSessionCache"><h3>启用SSL会话缓存<span class="ls-permlink"><a href="#sslSessionCache"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>使用OpenSSL的默认设置启用会话ID缓存。 服务器级别设置必须设置为“是”才能使虚拟主机设置生效。<br/> 默认值:<br/> <b>服务器级别:</b> Yes<br/> <b>虚拟主机级别:</b> Yes</p> <h4>Syntax</h4><p>从单选框选择</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="sslSessionTickets"><h3>启用会话记录单<span class="ls-permlink"><a href="#sslSessionTickets"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>使用OpenSSL的默认会话票证设置启用会话记录单。 服务器级别设置必须设置为“是”才能使虚拟主机设置生效。<br/> 默认值:<br/> <b>服务器级别:</b> Yes<br/> <b>虚拟主机级别:</b> Yes</p> <h4>Syntax</h4><p>从单选框选择</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="enableSpdy"><h3>启用 SPDY/HTTP2/HTTP3<span class="ls-permlink"><a href="#enableSpdy"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>有选择地启用HTTP/3,HTTP/2和SPDY HTTP网络协议。<br/><br/> 如果要禁用SPDY,HTTP/2和HTTP3,请选中“无”,并取消选中所有其他框。<br/> Default value: All enabled</p> <h4>Syntax</h4><p>从复选框中选择</p> <h4>提示</h4><p><span title="Information" class="ls-icon-info"></span> 可以在侦听器和虚拟主机级别上设置此设置。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="allowQuic"><h3>打开HTTP3/QUIC (UDP) 端口<span class="ls-permlink"><a href="#allowQuic"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p>允许对映射到该监听器的虚拟主机使用HTTP3/QUIC网络协议. 为了使此设置生效,还必须在服务器级别将<span class="tagl"><a href="ServTuning_Help.html#quicEnable">启用HTTP3/QUIC</a></span>设置为<span class="val">是</span>。 默认值为<span class="val">是</span>。</p> <h4>提示</h4><p><span title="Information" class="ls-icon-info"></span> 当此设置设置为<span class="val">是</span>时,仍可以通过<span class="tagl"><a href="VHSSL_Help.html#vhEnableQuic">Enable HTTP3/QUIC</a></span>设置在虚拟主机级别禁用HTTP3/QUIC。</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="clientVerify"><h3>Client Verification<span class="ls-permlink"><a href="#clientVerify"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p> Specifies the type of client certifcate authentication. Available types are: <ul> <li><b>None:</b> No client certificate is required.</li> <li><b>Optional:</b> Client certificate is optional.</li> <li><b>Require:</b> The client must has valid certificate.</li> <li><b>Optional_no_ca:</b> Same as optional.</li> </ul> The default is "None".</p> <h4>Syntax</h4><p>从列表中选择</p> <h4>提示</h4><p><span title="Information" class="ls-icon-info"></span> "None" or "Require" are recommended.</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="verifyDepth"><h3>验证深度<span class="ls-permlink"><a href="#verifyDepth"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p> Specifies how deeply a certificate should be verified before determining that the client does not have a valid certificate. The default is "1".</p> <h4>Syntax</h4><p>从列表中选择</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="crlPath"><h3>客户端吊销路径<span class="ls-permlink"><a href="#crlPath"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p> Specifies the directory containing PEM-encoded CA CRL files for revoked client certificates. The files in this directory have to be PEM-encoded. These files are accessed through hash filenames, hash-value.rN. Please refer to openSSL or Apache mod_ssl documentation regarding creating the hash filename.</p> <h4>Syntax</h4><p>path</p> </article> </div> <div class="helpitem"><article class="ls-helpitem"><div><header id="crlFile"><h3>客户端吊销文件<span class="ls-permlink"><a href="#crlFile"></a></span><span class="top"><a href="#top">⇑</a></span></h3></header></div><h4>Description</h4><p> Specifies the file containing PEM-encoded CA CRL files enumerating revoked client certificates. This can be used as an alternative or in addition to <span class="tagl"><a href="#crlPath">客户端吊销路径</a></span>.</p> <h4>Syntax</h4><p>文件名可以是绝对路径,也可以是相对于$SERVER_ROOT的相对路径。</p> </article> </div> </section> </article><div class="ls-col-1-1"><footer class="copyright">Copyright © 2013-2020. <a href="https://www.litespeedtech.com">LiteSpeed Technologies Inc.</a> 版权所有.</footer> </div></div> </body> </html>
Close
