preface
Share an HTTPS optimization case. With the introduction of strict measures such as “unsafe” and red page warning on HTTP protocol by relevant browsers, as well as mandatory HTTPS requirements on ATS of iOS applications and small programs of wechat and Alipay, as well as requirements on transmission security in terms of compliance, such as level protection, are promoting the development of HTTPS.
Although HTTPS improves the web experience (against hijacking) and makes the delivery more secure, many web owners who use HTTPS to rush to the web face problems such as slow page loading, high server load, and expired certificates.
So this article will discuss HTTPS optimization practices.
The selection
In fact, Web services like Apache Httpd, LigHttpd, Canddy and other software can set HTTPS, but in the corresponding extension ecology and update rate are inferior to Nginx. Nginx has gained widespread support as a Web portal for large Internet sites, such as Alibaba’s Tengine, CloudFlare’s Cloudflare-Nginx, and OpenResty, which is also used in the cloud, are all based on Nginx. Nginx is authenticated on a large scale. At the same time, people will also develop their own components back to the Nginx community, so that Nginx has a very good extension ecosystem.
Figure 1-1 Usage of Nginx on the entire network
Therefore, Nginx is a good Web service software, and the choice of Nginx can greatly reduce our expansion costs while improving performance.
New features
There are a lot of new features around Web services that need to be looked at and applied, so here are some of the new features.
HTTP/2
Compared to the old HTTP/1.x, HTTP/2 has major changes and optimizations in the underlying transport, including:
-
Each server only uses one connection, saving the time of establishing multiple connections, which is especially effective in TLS
-
To speed UP TLS delivery, HTTP/2 takes only one TLS handshake, achieving optimum performance through multiplexing over a connection
-
More secure, more secure user information by reducing the performance penalty of TLS and enabling more applications to use TLS
In Akamai’s HTTP/2 DEMO, the advantages of HTTP/2 became apparent when loading 300 images. HTTP/2 took less than 1s of HTTP/ 1.x’s 14.8s.
HTTP/2 is now supported by most modern browsers. As long as we ensure that Nginx is greater than 1.9.5. Of course, it is recommended to keep the latest stable version of Nginx in order to update relevant patches. HTTP/2 also requires OpenSSL greater than 1.0.2 to support modern browsers.
The TLS 1.3
As well as HTTP/1.x, the currently supported TLS protocol versions 1.1 and 1.2, released in 2006 and 2008 respectively, have fallen behind The Times. In August 2018, IETF finally announced the release of the TLS 1.3 specification. Standards Track is defined in rfc8446.
TLS 1.3 has the following enhancements compared to previous versions:
-
Handshake time: In the same case, TLSv1.3 has one less RTT than TLSv1.2
-
Application data: 0-RTT is supported for sending application data in session multiplexing scenarios
-
Handshake messages: all after ServerHello are ciphertext.
-
Session reusing mechanism: The Session reusing based on the Session ID is deprecated and the Session reusing based on the PSK mechanism is adopted.
-
Key algorithm: TLSv1.3 supports only the PFS (full forward security) key exchange algorithm. RSA is disabled. The symmetric key algorithm adopts only the AEAD encryption algorithm. The AES and RC4 algorithms in CBC mode are disabled.
-
Key export algorithm: TLSv1.3 uses a newly designed algorithm called HKDF, while TLSv1.2 uses PRF algorithm. We will look at the differences between the two algorithms later.
OpenSSL 1.1.1 is an LTS version. In the future, RHEL8 and Debian10 will support TLS 1.3 as the main version. Implementation on Nginx requires Nginx 1.13+.
Brotli
Brotli is a lossless compression algorithm introduced by Google in September 2015. It uses variant LZ77 algorithm, Huffman coding and second-order text modeling to compress data, which is a compression method with high compression ratio.
According to a research report published by Google, Brotli has the following characteristics:
-
Brotli performs 17-25% better than Gzip for common Web resource content;
-
Brotli compression level 1 is the fastest, and the compression rate is higher than gzip compression level 9 (the highest).
-
Brotli still provides very high compression rates when working with different HTML documents;
While compatible with GZIP, compared to GZIP:
-
Zoom out 14% on JavaScript
-
Shrunk by 21% in HTML
-
Shrink by 17% on CSS
Brotli support must rely on HTTPS, but in other words Brotli can only be implemented with HTTPS.
ECC certificates
Elliptic Curve Cryptography (ECC), an algorithm for establishing public key encryption, based on Elliptic curve mathematics. The use of elliptic curves in cryptography was independently proposed by Neal Koblitz and Victor Miller in 1985.
A certificate with a built-in ECDSA public key is called an ECC certificate. A certificate with a built-in RSA public key is an RSA certificate. ECDHE Key exchange + ECDSA digital signature is undoubtedly the best choice because 256-bit ECC Key is the same as 3072-bit RSA Key in terms of security and ECC operation speed is faster. Under the same security conditions, the ECC algorithm requires shorter keys. Therefore, the ECC certificate file size is smaller than that of the RSA certificate.
The ECC certificate can not only be used in HTTPS scenarios, but can replace all RSA certificates, such as SSH key login and SMTP TLS sending.
However, there are two points to note when using ECC certificates:
Not all certificate types are supported. Generally, the issuing of ECC certificates is supported only for commercial certificates with enhanced words.
Second, ECC certificates may not be supported in some scenarios, because some products or software may not support ECC. In this case, dashed lines are required to solve the problem. For example, some old operating systems and browsers do not support ECC. You can use ECC+RSA dual-certificate mode to solve the problem.
The installation
Download the source code
With all the new features we’re going to use, let’s put together the requirements:
HTTP/2 requires Nginx 1.9.5+, OpenSSL 1.0.2+
TLS 1.3 requires Nginx 1.13+, OpenSSL 1.1.1+
Brotli requires HTTPS and adds extended support to Nginx
ECC dual certificates require Nginx 1.11+
For Nginx, I personally recommend 1.15+ because 1.14 already supports TLS1.3, but some advanced TLS1.3 features are only available in 1.15+.
Then we define the version number:
Go to the official website to pay attention to the latest version:
http://nginx.org/en/download.html
https://www.openssl.org/source/
https://github.com/eustas/ngx_brotli/releases
Nginx
OpenSSL
Brotli
compile
Follow-up and relevant variables set up and set up the service and steps, such as open to start the space limit is omitted, this article has introduced under Ubuntu Nginx compiler: https://www.mf8.biz/ubuntu-nginx/.
configuration
Next we need to modify the configuration file.
HTTP2
Just add http2 to lisen 443 SSL under server{}. Since 1.15+, there is no need to write SSL on. If you use 1.15+, you will get an error when using the original configuration file.
The TLS 1.3
If you do not intend to continue supporting IE8, or some compliance requirements, you can remove TLSv1.
Then we modify the corresponding encryption algorithm and add the new algorithm introduced by TLS1.3:
If you do not want to support Internet Explorer 8, you can remove Cipher Suite including 3DES.
Ssl_early_data on; ssl_early_data on; ssl_early_data; Command to enable 0-RTT support.
— — —
Experimental trial
As we all know, TLS1.3 due to the update for a long time, many browsers still only support the old version of the Draft version, such as 23, 26, 28 respectively on Chrome, FirFox support, on the other hand, the official version due to the Draft out for a long time, resulting in TLS1.3 compatibility on the browser a lot too good.
Can use https://github.com/hakasenyang/openssl-patch/ to provide OpenSSL Patch to OpenSSL 1.1.1 23,26,28 and formal at the same time support the draft version of the output. However, since it is not an official script, stability and security are subject to consideration.
ECC double certificate
Double certificate configuration is very simple, ensure that the domain name certificate has RSA and ECC respectively can be.
Brotli
Add the following code to the corresponding configuration file:
In case you get confused, put a complete server{} for your reference:
Verify that the configuration file is correct:
If the feedback is:
You can restart Nginx, and then go to the corresponding website to see the effect.
validation
HTTP/2
Using the browser’s developer tools, we can see whether h2 is displayed in Protocol in the Network column.
The TLS 1.3
As usual, you can check the Connection TAB to see if TLS 1.3 is displayed under the Security TAB of the developer tools in your browser
ECC double certificate
ECC dual certificate configuration is nothing more than authentication on older browser Settings. Here’s an old enough XP virtual machine to prove a wave.
On XP:
On modern operating systems:
Brotli
Using the developer tools of the browser, we can open the header of the specific page in the Network column and see the accept-Encoding with br in it.
conclusion
By doing so, you should be able to optimize the HTTPS experience a lot, and it will probably be faster than sites that don’t do HTTPS.
This mode is more suitable for the establishment of a single cloud server or a simple cluster. If SLB seven-layer agent, WAF, CDN and other products are applied, these operations may be in vain. These operations are self-built Web 7-layer services. If SLB 7-layer proxy, WAF and CDN are set, they will be overwritten before the cloud server.
Since products like SLB layer 7 and CDN tend to be more compatible and stable than the new features mentioned above (HTTP/2 is common), However, they are equipped with Ali Cloud’s Tengine external dedicated algorithm acceleration hardware such as Intel® QuickAssist Technology(QAT) accelerator which can significantly improve SSL/TLS handshake phase performance. All HTTPS encryption and decryption are performed on the SLB or CDN instead of the ECS, which significantly reduces the load of the ECS and improves the access experience.
At present, the network products on the cloud that can support layer 4 can continue to be compatible with our design, such as layer 4 forwarding (TCP UDP) of SLB and Layer 4 forwarding of high anti-ddos.
Reprint disclaimer: This article is reprinted from the “Cloud Community”
Recommended reading
Carefully arrange | public number article directory
How many of these 11 “terminal diseases” did you get…
How many of ali’s awesome open source tools do you know?
Dissatisfied with being fired, another programmer deleted the library and ran away!
A drag two lazy three not studious aspirant, do not eliminate you eliminate who?
Things you didn’t know about Alibaba open Source
After a year of hard practice summed up the use of Vim skills!
What exactly can Nginx do? You will understand after reading this article!
, end,
— Writing is not easy, your forwarding is the biggest support for me —
At present, more than 40,000 people are interested in joining us
Scan code plus group communication
Like, scan code attention to increase a reader to it!
All the essence of the official account is here!