小白开发小程序遇到”小程序发生了ssl错误”怎么办?

分类: 电脑网络
人气 3,069 / 评论 小白开发小程序遇到”小程序发生了ssl错误”怎么办?已关闭评论 / 日期 2018-5-18
作者:

近期做小程序,在调试过程中发现苹果手机出现和安卓不一样的错误,安卓正常显示,苹果设备就是不显示返回结果,经过搜索发现,问题出在ssl的配置上

我用的是:微信小程序 Windows2008 R2服务器

经过https://www.ssllabs.com/ssltest/index.html检查,发现TLS全部是NO

问题找到理解解决

配置TLS1.2方法:
# Enables TLS 1.2 on windows Server 2008 R2 and Windows 7

# These keys do not exist so they need to be created prior to setting values.
md “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2”
md “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server”
md “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client”

# Enable TLS 1.2 for client and server SCHANNEL communications
new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server” -name “Enabled” -value 1 -PropertyType “DWord”
new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server” -name “DisabledByDefault” -value 0 -PropertyType “DWord”
new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client” -name “Enabled” -value 1 -PropertyType “DWord”
new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client” -name “DisabledByDefault” -value 0 -PropertyType “DWord”

# Disable SSL 2.0 (PCI Compliance)
md “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server”
new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server” -name Enabled -value 0 -PropertyType “DWord”
# Enables TLS 1.2 on Windows Server 2008 R2 and Windows 7 # These keys do not exist so they need to be created prior to setting values. md “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2” md “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server” md “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client” # Enable TLS 1.2 for client and server SCHANNEL communications new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server” -name “Enabled” -value 1 -PropertyType “DWord” new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server” -name “DisabledByDefault” -value 0 -PropertyType “DWord” new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client” -name “Enabled” -value 1 -PropertyType “DWord” new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client” -name “DisabledByDefault” -value 0 -PropertyType “DWord” # Disable SSL 2.0 (PCI Compliance) md “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server” new-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server” -name Enabled -value 0 -PropertyType “DWord”

把上面的代码复制到PowerShell里运行一下,切记要然后重启服务器。

或如下复制另存为reg文件进行执行后重启服务器:
//====================support TLS小程序======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Client]
“Enabled”=dword:00000000
“DisabledByDefault”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server]
“Enabled”=dword:00000000
“DisabledByDefault”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Client]
“Enabled”=dword:00000000
“DisabledByDefault”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server]
“Enabled”=dword:00000000
“DisabledByDefault”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
“DisabledByDefault”=dword:00000001
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
“Enabled”=dword:00000000
“DisabledByDefault”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
“Enabled”=dword:00000000
“DisabledByDefault”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
“Enabled”=dword:00000000
“DisabledByDefault”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
“Enabled”=dword:00000001
“DisabledByDefault”=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
“Enabled”=dword:00000001
“DisabledByDefault”=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
“DisabledByDefault”=dword:00000000
“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
“DisabledByDefault”=dword:00000000
“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
“DisabledByDefault”=dword:00000000
“Enabled”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
“Enabled”=dword:00000001
“DisabledByDefault”=dword:00000000

相关资源:
  • 窍门网:VMware 安装Tools 遇到问题的解决:VGAuthService 启动失败
    窍门网:VMware 安装Tools 遇到问题的解决:VGAuthService 启动失败
    2020-9-23
  • windows server 系统如何加固更安全?
    windows server 系统如何加固更安全?
    2020-7-1112
  • win10系统磁盘管理磁盘右键菜单只有“帮助”如何删除?
    win10系统磁盘管理磁盘右键菜单只有“帮助”如何删除?
    2020-6-3020
  • python安装pyinstaller出现的错误如何解决
    python安装pyinstaller出现的错误如何解决
    2020-4-418
  • IntelliJ IDEA 下的svn配置及使用的非常详细的图文总结
    IntelliJ IDEA 下的svn配置及使用的非常详细的图文总结
    2020-3-280
  • PHP微信扫码关注公众号并授权登录的源代码
    PHP微信扫码关注公众号并授权登录的源代码
    2020-2-214
  • pdo预处理是什么?如何理解?
    pdo预处理是什么?如何理解?
    2020-2-2119
  • MYSQL 保存微信昵称特殊字符报错解决方法-设置编码集为utf8mb4的方法
    MYSQL 保存微信昵称特殊字符报错解决方法-设置编码集为utf8mb4的方法
    2020-2-2116

评论

评论已关闭!


窍门网微信公众帐号
微信扫描
立刻加入