8.1.0版本ELK搭建,开启xpack认证机制

news2024/11/23 21:33:03

8.1.0版本ELK搭建,开启xpack认证机制

    • 部署环境安排
    • 下载elk安装包
    • 服务器环境配置
    • 部署elasticsearch
      • 配置认证
      • 配置客户端加密的http通信
      • 修改elastic配置文件
    • 部署kibana
    • 部署logstash
    • 部署httpd,filebeat
    • 配置kibana页面
    • 部署grafana
    • 配置grafana连接elastic

部署环境安排

ip部署服务
192.168.0.121kibana,elasticsearch
192.168.0.83elasticsearch,logstash
192.168.0.84elasticsearch,logstash,httpd,filebeat
grafana-
mysql-

下载elk安装包

下载elasticsearch-8-1-0
https://www.elastic.co/cn/downloads/past-releases#elasticsearch
https://www.elastic.co/cn/downloads/past-releases/elasticsearch-8-1-0
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.1.0-linux-x86_64.tar.gz

下载kibana-8-1-0
https://www.elastic.co/downloads/past-releases#kibana
https://www.elastic.co/cn/downloads/past-releases/kibana-8-1-0
https://artifacts.elastic.co/downloads/kibana/kibana-8.1.0-linux-x86_64.tar.gz

下载logstash-8-1-0
https://www.elastic.co/downloads/past-releases#logstash
https://www.elastic.co/cn/downloads/past-releases/logstash-8-1-0
https://artifacts.elastic.co/downloads/logstash/logstash-8.1.0-linux-x86_64.tar.gz

下载
https://www.elastic.co/downloads/past-releases#filebeat
https://www.elastic.co/cn/downloads/past-releases/filebeat-8-1-0
https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.1.0-linux-x86_64.tar.gz

服务器环境配置

操作所有服务器

jdk

8.1.0版本自带jdk

关闭交换空间

swapoff -a
vim /etc/fstab #注释swap行

创建运行elasticsearch的用户elastic

useradd elastic

设置elastic用户的文件最大打开数量和最大线程使用数量

ulimit -n 65535
ulimit -u 4096
vim /etc/security/limits.conf
elastic -  nofile  65535
elastic -  nproc 4096

设置虚拟内存

sysctl -w vm.max_map_count=262144
vim /etc/sysctl.conf
vm.max_map_count=262144

创建数据目录

mkdir -p /data/elastic/data
mkdir -p /data/elastic/logs
chown -R elastic:elastic /data/elastic

mkdir -p /data/kibana/data
mkdir -p /data/kibana/logs

mkdir -p /data/logstash/data
mkdir -p /data/logstash/logs

mkdir -p /data/filebeat/data
mkdir -p /data/filebeat/logs

部署elasticsearch

操作所有服务器

tar xf elasticsearch-8.1.0-linux-x86_64.tar.gz -C /data
cd elasticsearch-8.1.0
chown -R elastic:elastic /data/elasticsearch-8.1.0
cd config

配置认证

https://www.elastic.co/guide/en/elasticsearch/reference/8.1/security-basic-setup.html#encrypt-internode-communication
在启动 Elasticsearch 之前,请在任何单个节点上使用该工具 为您的集群生成 CA

./bin/elasticsearch-certutil ca
#出现提示时,接受默认文件名elastic-stack-ca.p12
##出现提示时,不设置密码
This tool assists you in the generation of X.509 certificates and certificate
signing requests for use with SSL/TLS in the Elastic stack.

The 'ca' mode generates a new 'certificate authority'
This will create a new X.509 certificate and private key that can be used
to sign certificate when running in 'cert' mode.

Use the 'ca-dn' option if you wish to configure the 'distinguished name'
of the certificate authority

By default the 'ca' mode produces a single PKCS#12 output file which holds:
    * The CA certificate
    * The CA's private key

If you elect to generate PEM format certificates (the -pem option), then the output will
be a zip file containing individual files for the CA certificate and private key

Please enter the desired output file [elastic-stack-ca.p12]:	#回车(使用默认文件名)
Enter password for elastic-stack-ca.p12 :						#回车(不设置密码)

证书生成在当前目录

ll elastic-stack-ca.p12

使用上步生成的CA证书,生成节点证书

./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
This tool assists you in the generation of X.509 certificates and certificate
signing requests for use with SSL/TLS in the Elastic stack.

The 'cert' mode generates X.509 certificate and private keys.
    * By default, this generates a single certificate and key for use
       on a single instance.
    * The '-multiple' option will prompt you to enter details for multiple
       instances and will generate a certificate and key for each one
    * The '-in' option allows for the certificate generation to be automated by describing
       the details of each instance in a YAML file

    * An instance is any piece of the Elastic Stack that requires an SSL certificate.
      Depending on your configuration, Elasticsearch, Logstash, Kibana, and Beats
      may all require a certificate and private key.
    * The minimum required value for each instance is a name. This can simply be the
      hostname, which will be used as the Common Name of the certificate. A full
      distinguished name may also be used.
    * A filename value may be required for each instance. This is necessary when the
      name would result in an invalid file or directory name. The name provided here
      is used as the directory name (within the zip) and the prefix for the key and
      certificate files. The filename is required if you are prompted and the name
      is not displayed in the prompt.
    * IP addresses and DNS names are optional. Multiple values can be specified as a
      comma separated string. If no IP addresses or DNS names are provided, you may
      disable hostname verification in your SSL configuration.


    * All certificates generated by this tool will be signed by a certificate authority (CA)
      unless the --self-signed command line option is specified.
      The tool can automatically generate a new CA for you, or you can provide your own with
      the --ca or --ca-cert command line options.


By default the 'cert' mode produces a single PKCS#12 output file which holds:
    * The instance certificate
    * The private key for the instance certificate
    * The CA certificate

If you specify any of the following options:
    * -pem (PEM formatted output)
    * -multiple (generate multiple certificates)
    * -in (generate certificates from an input file)
then the output will be be a zip file containing individual certificate/key files

Enter password for CA (elastic-stack-ca.p12) :					#回车(上步未设置密码)
Please enter the desired output file [elastic-certificates.p12]:#回车(使用默认文件名)
Enter password for elastic-certificates.p12 :					#回车(不设置密码)

Certificates written to /sdata/elasticsearch-8.1.0/elastic-certificates.p12

This file should be properly secured as it contains the private key for
your instance.
This file is a self contained file and can be copied and used 'as is'
For each Elastic product that you wish to configure, you should copy
this '.p12' file to the relevant configuration directory
and then follow the SSL configuration instructions in the product guide.

For client applications, you may only need to copy the CA certificate and
configure the client to trust this certificate.

证书生成在当前目录

ll elastic-certificates.p12

把证书放置到配置目录下

mkdir config/certs
mv elastic-stack-ca.p12 config/certs
mv elastic-certificates.p12 config/certs

配置客户端加密的http通信

 ./bin/elasticsearch-certutil http

## Elasticsearch HTTP Certificate Utility

The 'http' command guides you through the process of generating certificates
for use on the HTTP (Rest) interface for Elasticsearch.

This tool will ask you a number of questions in order to generate the right
set of files for your needs.

## Do you wish to generate a Certificate Signing Request (CSR)?

A CSR is used when you want your certificate to be created by an existing
Certificate Authority (CA) that you do not control (that is, you don't have
access to the keys for that CA).

If you are in a corporate environment with a central security team, then you
may have an existing Corporate CA that can generate your certificate for you.
Infrastructure within your organisation may already be configured to trust this
CA, so it may be easier for clients to connect to Elasticsearch if you use a
CSR and send that request to the team that controls your CA.

If you choose not to generate a CSR, this tool will generate a new certificate
for you. That certificate will be signed by a CA under your control. This is a
quick and easy way to secure your cluster with TLS, but you will need to
configure all your clients to trust that custom CA.

Generate a CSR? [y/N]n 			#n 不发送认证证书请求

## Do you have an existing Certificate Authority (CA) key-pair that you wish to use to sign your certificate?

If you have an existing CA certificate and key, then you can use that CA to
sign your new http certificate. This allows you to use the same CA across
multiple Elasticsearch clusters which can make it easier to configure clients,
and may be easier for you to manage.

If you do not have an existing CA, one will be generated for you.

Use an existing CA? [y/N]y	#y 使用本地的CA证书

## What is the path to your CA?

Please enter the full pathname to the Certificate Authority that you wish to
use for signing your new http certificate. This can be in PKCS#12 (.p12), JKS
(.jks) or PEM (.crt, .key, .pem) format.
CA Path: certs/elastic-stack-ca.p12			#输入本地CA证书的路径
Reading a PKCS12 keystore requires a password.
It is possible for the keystore's password to be blank,
in which case you can simply press <ENTER> at the prompt
Password for elastic-stack-ca.p12:		#回车

## How long should your certificates be valid?

Every certificate has an expiry date. When the expiry date is reached clients
will stop trusting your certificate and TLS connections will fail.

Best practice suggests that you should either:
(a) set this to a short duration (90 - 120 days) and have automatic processes
to generate a new certificate before the old one expires, or
(b) set it to a longer duration (3 - 5 years) and then perform a manual update
a few months before it expires.

You may enter the validity period in years (e.g. 3Y), months (e.g. 18M), or days (e.g. 90D)

For how long should your certificate be valid? [5y] 5y #设置证书有效期5年

## Do you wish to generate one certificate per node?

If you have multiple nodes in your cluster, then you may choose to generate a
separate certificate for each of these nodes. Each certificate will have its
own private key, and will be issued for a specific hostname or IP address.

Alternatively, you may wish to generate a single certificate that is valid
across all the hostnames or addresses in your cluster.

If all of your nodes will be accessed through a single domain
(e.g. node01.es.example.com, node02.es.example.com, etc) then you may find it
simpler to generate one certificate with a wildcard hostname (*.es.example.com)
and use that across all of your nodes.

However, if you do not have a common domain name, and you expect to add
additional nodes to your cluster in the future, then you should generate a
certificate per node so that you can more easily generate new certificates when
you provision new nodes.

Generate a certificate per node? [y/N]n #是否每个节点都生成证书 否 n

## Which hostnames will be used to connect to your nodes?

These hostnames will be added as "DNS" names in the "Subject Alternative Name"
(SAN) field in your certificate.

You should list every hostname and variant that people will use to connect to
your cluster over http.
Do not list IP addresses here, you will be asked to enter them later.

If you wish to use a wildcard certificate (for example *.es.example.com) you
can enter that here.

Enter all the hostnames that you need, one per line.
When you are done, press <ENTER> once more to move on to the next step.

es-1
es-2-0001
es-2-0002		#输入主机名 回车输入下个主机名 两次回车输入结束

You entered the following hostnames.

 - es-1
 - es-2-0001
 - es-2-0002

Is this correct [Y/n]y #y 确认输入结束

## Which IP addresses will be used to connect to your nodes?

If your clients will ever connect to your nodes by numeric IP address, then you
can list these as valid IP "Subject Alternative Name" (SAN) fields in your
certificate.

If you do not have fixed IP addresses, or not wish to support direct IP access
to your cluster then you can just press <ENTER> to skip this step.

Enter all the IP addresses that you need, one per line.
When you are done, press <ENTER> once more to move on to the next step.

192.168.0.121
192.168.0.83
192.168.0.84 		#输入主机的ip,回车输入下一个ip,两次回车输入结束

You entered the following IP addresses.

 - 192.168.0.121
 - 192.168.0.83
 - 192.168.0.84

Is this correct [Y/n]y 	# y 确认输入结束

## Other certificate options

The generated certificate will have the following additional configuration
values. These values have been selected based on a combination of the
information you have provided above and secure defaults. You should not need to
change these values unless you have specific requirements.

Key Name: es-1
Subject DN: CN=es-1
Key Size: 2048

Do you wish to change any of these options? [y/N]n # 是否更改配置 不更改 n

## What password do you want for your private key(s)?

Your private key(s) will be stored in a PKCS#12 keystore file named "http.p12".
This type of keystore is always password protected, but it is possible to use a
blank password.

If you wish to use a blank password, simply press <enter> at the prompt below.
Provide a password for the "http.p12" file:  [<ENTER> for none] #回车

## Where should we save the generated files?

A number of files will be generated including your private key(s),
public certificate(s), and sample configuration options for Elastic Stack products.

These files will be included in a single zip archive.

What filename should be used for the output zip file? [/sdata/elasticsearch-8.1.0/elasticsearch-ssl-http.zip] 	#回车

Zip file written to /sdata/elasticsearch-8.1.0/elasticsearch-ssl-http.zip

当前目录生成证书压缩包elasticsearch-ssl-http.zip

ll elasticsearch-ssl-http.zip

解压

unzip elasticsearch-ssl-http.zip
Archive:  elasticsearch-ssl-http.zip
   creating: elasticsearch/
  inflating: elasticsearch/README.txt
  inflating: elasticsearch/http.p12
  inflating: elasticsearch/sample-elasticsearch.yml
   creating: kibana/
  inflating: kibana/README.txt
  inflating: kibana/elasticsearch-ca.pem
  inflating: kibana/sample-kibana.yml

移动证书到config/certs

mv elasticsearch/http.p12 config/certs
mv kibana/elasticsearch-ca.pem config/certs

把config/certs 同步到另外两个节点
使三台服务具有证书目录
192.168.0.121
192.168.0.83
192.168.0.84

ll config/certs
-rw------- 1 elastic elastic 3596 May 19 14:59 elastic-certificates.p12
-rw-rw-r-- 1 elastic elastic 1200 May 19 15:17 elasticsearch-ca.pem
-rw------- 1 elastic elastic 2672 May 19 14:59 elastic-stack-ca.p12
-rw-rw-r-- 1 elastic elastic 3636 May 19 15:17 http.p12

修改elastic配置文件

#修改jvm参数
vim jvm.options
-Xms2g
-Xmx2g

操作192.168.0.121

#192.168.0.121
vim elasticsearch.yml

cluster.name: my-application
node.name: node-1
path.data: /data/elastic/data
path.logs: /data/elastic/log
network.host: 192.168.0.121
http.port: 9200
discovery.seed_hosts: ["192.168.0.121", "192.168.0.83", "192.168.0.84"]
cluster.initial_master_nodes: ["192.168.0.121", "192.168.0.83", "192.168.0.84"]
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/elastic-certificates.p12
  truststore.path: certs/elastic-certificates.p12

操作192.168.0.83

#192.168.0.83
vim elasticsearch.yml
cluster.name: my-application
node.name: node-2
path.data: /data/elastic/data
path.logs: /data/elastic/log
network.host: 192.168.0.83
http.port: 9200
discovery.seed_hosts: ["192.168.0.121", "192.168.0.83", "192.168.0.84"]
cluster.initial_master_nodes: ["192.168.0.121", "192.168.0.83", "192.168.0.84"]
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/elastic-certificates.p12
  truststore.path: certs/elastic-certificates.p12

操作192.168.0.84

#192.168.0.84
vim elasticsearch.yml
cluster.name: my-application
node.name: node-3
path.data: /data/elastic/data
path.logs: /data/elastic/log
network.host: 192.168.0.84
http.port: 9200
discovery.seed_hosts: ["192.168.0.121", "192.168.0.83", "192.168.0.84"]
cluster.initial_master_nodes: ["192.168.0.121", "192.168.0.83", "192.168.0.84"]
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/elastic-certificates.p12
  truststore.path: certs/elastic-certificates.p12

操作所有服务器

cd ..
#配置启动文件
echo "nohup bin/elasticsearch > /data/elastic/log/elastic.log &" > start.sh
chmod a+x start.sh
#依次启动elasticsearch
./start.sh
tail -200f /data/elastic/log/elastic.log

任意一台elasticsearch服务器重置elastic密码

./bin/elasticsearch-reset-password -u elastic -i

#密码设置为elastic
This tool will reset the password of the [elastic] user.
You will be prompted to enter the password.
Please confirm that you would like to continue [y/N]y


Enter password for [elastic]:
Re-enter password for [elastic]:
Password for the [elastic] user successfully reset.

浏览器https访问查看验证
https://ip:9200
在这里插入图片描述
https://ip:9200/_cat/nodes?v
在这里插入图片描述

部署kibana

操作服务器192.168.0.121

tar xf kibana-8.1.0-linux-x86_64.tar.gz -C /data
cd kibana-8.1.0/config
mkdir certs
cp 
#把上方生成的elasticsearch-ca.pem 复制到certs
cp /data/elasticsearch-8.1.0/config/certs/elasticsearch-ca.pem /data/kibana-8.1.0/config/certs/
ll config/certs/
total 4
-rw-r--r-- 1 root root 1200 May 19 16:34 elasticsearch-ca.pem

重置kibana_system密码

bin/elasticsearch-reset-password -u kibana_system -i

#密码为kibana
This tool will reset the password of the [kibana_system] user.
You will be prompted to enter the password.
Please confirm that you would like to continue [y/N]y


Enter password for [kibana_system]:
Re-enter password for [kibana_system]:
Password for the [kibana_system] user successfully reset.
vim kibana.yml
server.port: 5601
server.host: "192.168.0.121"
elasticsearch.hosts: ["https://192.168.0.121:9200", "https://192.168.0.83:9200", "https://192.168.0.84:9200"]
elasticsearch.ssl.certificateAuthorities: [ "config/certs/elasticsearch-ca.pem" ]
elasticsearch.username: "kibana_system"
elasticsearch.password: "kibana"
path.data: /data/kibana/data


cd ..
echo "nohup bin/kibana --allow-root > /data/kibana/log/kibana.log &
" > start.sh
chmod a+x start.sh
./start.sh
tail -200f /data/kibana/log/kibana.log

打开页面验证
在这里插入图片描述
在这里插入图片描述

部署logstash

操作服务器192.168.0.83 192.168.0.84

tar xf  logstash-8.1.0-linux-x86_64.tar.gz -C /data
cd logstash-8.1.0/config
cp logstash-sample.conf logstash.conf
mkdir certs
cp /data/elasticsearch-8.1.0/config/certs/elasticsearch-ca.pem certs/ 
vim logstash.conf
input {
  beats {
    port => 5044
  }
}

output {
  elasticsearch {
    hosts => ["https://192.168.0.121:9200", "https://192.168.0.83:9200", "https://192.168.0.84:9200"]
    index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
    ssl => true
    cacert => "/data/logstash-8.7.0/config/certs/elasticsearch-ca.pem"
    user => "elastic"
    password => "elastic"
  }
}


cd ..
echo "nohup bin/logstash -f config/logstash.conf  > /data/logstash/log/logstash.log &" > start.sh
chmod a+x start.sh
./start.sh
tail -200f /data/logstash/log/logstash.log

部署httpd,filebeat

操作服务器192.168.0.84

yum -y install httpd
systemctl start httpd.service
systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2023-05-19 09:37:00 CST; 17s ago

ll /var/log/httpd/
total 4
-rw-r--r-- 1 root root   0 May 19 09:37 access_log
-rw-r--r-- 1 root root 679 May 19 09:37 error_log
tar xf filebeat-8.1.0-linux-x86_64.tar.gz -C /data
cd filebeat-8.1.0
vim filebeat.yml
egrep -v "^\s*$|^\s*#" filebeat.yml
filebeat.inputs:
- type: filestream
  enabled: true
  paths:
    - /var/log/httpd/*_log
filebeat.config.modules:
  path: ${path.config}/modules.d/*.yml
  reload.enabled: false
setup.template.settings:
  index.number_of_shards: 3
setup.kibana:
output.logstash:
  hosts: ["192.168.0.83:5044", "192.168.0.84:5044"]
processors:
  - add_host_metadata:
      when.not.contains.tags: forwarded
  - add_cloud_metadata: ~
  - add_docker_metadata: ~
  - add_kubernetes_metadata: ~
logging.level: info
echo "nohup ./filebeat -e -c filebeat.yml > /data/filebeat/log/filebeat.log &
" > start.sh
chmod a+x start.sh
./start.sh
tail -200f /data/filebeat/log/filebeat.log 

配置filebeat收集日志,打印到终端(测试)
https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-stdin.html
https://www.elastic.co/guide/en/beats/filebeat/current/console-output.html

vim filebeat-console.yml
filebeat.inputs:
- type: filestream
  id: my-filestream-id
  paths:
    - /var/log/httpd/*_log

output.console:
  pretty: true
./filebeat -e -c filebeat-console.yml

配置filebeat从终端读取数据,打印到终端(测试)

vim filebeat-stdin.yml
filebeat.inputs:
- type: stdin

output.console:
  pretty: true
./filebeat -e -c filebeat-stdin.yml

访问http服务
curl 192.168.0.84
kibana可以看到filebeat的索引
在这里插入图片描述

配置kibana页面

选择kibana下方的创建视图Data Views
在这里插入图片描述
创建视图,输入filebeat的索引名称,选择时间戳@timestamp

在这里插入图片描述
发现discover可以看到新添加的视图
在这里插入图片描述

部署grafana

https://grafana.com/get/?plcmt=top-nav&cta=downloads&tab=self-managed
在这里插入图片描述
https://grafana.com/grafana/download?pg=get&plcmt=selfmanaged-box1-cta1&edition=oss
在这里插入图片描述
在这里插入图片描述
https://dl.grafana.com/oss/release/grafana-9.5.2-1.x86_64.rpm

yum -y install grafana-9.5.2-1.x86_64.rpm
mkdir -p /data/grafana/data
mkdir -p /data/grafana/logs
mkdir -p /data/grafana/certs
cp /data/elasticsearch-8.7.0/config/certs/elasticsearch-ca.pem /data/grafana/certs/
chown -R grafana:grafana /data/grafana
vim /etc/grafana/grafana.ini
[paths]
data = /data/grafana/data
logs = /data/grafana/logs
plugins = /var/lib/grafana/plugins
provisioning = conf/provisioning
[server]
protocol = http
http_port = 3000
domain = 192.168.126.136
ca_cert_file = /data/grafana/certs/elasticsearch-ca.pem
#如果自建mysql,增加mysql配置
[database]
#数据需要先创建grafana库,并对grafana用户授权登录和操作
type = mysql
host = 127.0.0.1:3306
#要连接的数据库的名称
name = grafana
#连接数据库使用的用户
user = grafana
#连接数据库的用户密码
password = abc123456
# Example: mysql://user:secret@host:port/database
url = mysql://grafana:abc123456@127.0.0.1:3306/grafana
-- 登录 MySQL(需要具备管理员权限)
mysql -u root -p

-- 创建 grafana 数据库
-- CREATE DATABASE grafana CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE DATABASE grafana CHARACTER SET utf8 COLLATE utf8_general_ci;

-- 创建 grafana 用户并授权
-- 用户名,密码,授权主机可根据情况更改
CREATE USER 'grafana'@'localhost' IDENTIFIED BY 'abc123456';
GRANT ALL PRIVILEGES ON grafana.* TO 'grafana'@'localhost' IDENTIFIED BY 'abc123456';
FLUSH PRIVILEGES;
 systemctl enable grafana-server.service
 systemctl start grafana-server.service
 systemctl status grafana-server.service

配置grafana连接elastic

部署grafana与部署elk的时间不一致,切换了elastic的IP地址,因此grafana填写的elastic的访问地址与前面的elastic地址不一致
admin/admin
添加数据源
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

配置elastic地址
https://192.168.0.121:9200
打开 Basic auth
打开 With CA Cert
配置登录elastic的账户密码
elastic/elastic
配置CA Cert
复制elasticsearch-ca.pem内容粘贴,此处为笔者配置elastic时生成的内容
-----BEGIN CERTIFICATE-----
MIIDSTCCAjGgAwIBAgIUNvE508QZrrRR1LLyV2X+cNwsHA0wDQYJKoZIhvcNAQEL
BQAwNDEyMDAGA1UEAxMpRWxhc3RpYyBDZXJ0aWZpY2F0ZSBUb29sIEF1dG9nZW5l
cmF0ZWQgQ0EwHhcNMjMwNTIyMTA1NDIyWhcNMjYwNTIxMTA1NDIyWjA0MTIwMAYD
VQQDEylFbGFzdGljIENlcnRpZmljYXRlIFRvb2wgQXV0b2dlbmVyYXRlZCBDQTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANEDBsT4oEL6k8OY/SA5onAy
tDKeF5Z7Ia9zVhRltZNBkaPyf/LapZmlhK565BaL8tNoJI3z+sRPt3L11Gt73a8b
XGuNFpnvpkHXjXivO/1jVZm9aYqdMHCh7oRLQskkPnEe6/+eNaQgWgmVVp/rVX51
L1ToGSHL4jkxbuMKsUCxDJr4lUf5SQLN+OZ909jUXkfJEx7oYE5sbe1NgQsQ6U6v
jDuHS3upduZEuallXC69rFKx7KMwuH3XZlTfpj28gEOyrQF1z+YrigoLnIjMOIIB
cG8izUpAQVmBpdkQVW7y4vyKCedyt9GPS1KmKsnz+6KDWJ8ite3sFzeZ9BPwXxcC
AwEAAaNTMFEwHQYDVR0OBBYEFOcEa2FjWahR4Ga/vRHW0gy4DxRJMB8GA1UdIwQY
MBaAFOcEa2FjWahR4Ga/vRHW0gy4DxRJMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI
hvcNAQELBQADggEBABRZAa28mEj4+zGk2Q3t1AQSlWR5MouUvu7pildTFIEZIase
GK823tTM1wrkASfpMMEd6orWBwedGD1jaz6B8Q+PJpF3S8SIO2R8dMIpOMbiXWdM
myzqTWv2VnMTH/iH2vnqChb2mhof8vEO3LebyMGCxapoJuV+fx3s/2yhub+BrqJ1
mYLbJq6q+S6y9aRKN1gtwDNHWViXrjoJsfDEpdAbjZPu3SklDrfylwcWgVs9wS6x
8OU4P3ZhcWCPN8Xr77bTDwHfa764igNgF5vh5P1BVOh36LTMqGkDoj3fKYFj36dh
7BReQWgZOwVvvp3vhZ7a4R2Y2ppChZeXo4BkBQM=
-----END CERTIFICATE-----

点击 save & test

在这里插入图片描述

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.coloradmin.cn/o/560205.html

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈,一经查实,立即删除!

相关文章

C++中的多态,以及多态的实现、以及实现多态的两个特例。

一、 多态是什么&#xff1f; 通俗点说&#xff0c;就是多种形态。具体点就是不同对象完成某种事情&#xff0c;会产生不一样的状态。 举个例子&#xff1a;就好比&#xff1a;买票的时候&#xff0c;普通人、学生、军人等等&#xff0c;他们买票有不同的结果&#xff0c;普通人…

从零搭建完整python自动化测试框架(UI自动化和接口自动化 )

目录 一、总体框架 二、PO模式、DDT数据驱动、关键字驱动 三、框架技术选择 四、框架运行结果 五、各用例对应的定义方式&#xff08;PO/DDT&#xff09; 六、API接口定义方式 七、测试执行结果 从零开始搭建项目 一、开发环境搭建 二、新建项目 三、基础功能实现 …

前两天面了个腾讯28K来的,让我见识到了测试界的天花板

马上又是一年毕业季了&#xff0c;那么去年那一批毕业的应届生怎么样了&#xff1f; 2022年堪称大学生就业最难的一年&#xff0c;应届毕业生人数是1076万。失业率超50%&#xff01; 但是我观察到一个数据&#xff0c;那就是已经就业的毕业生中&#xff0c;计算机通信等行业最…

数据结构(C语言):一元多项式的操作(链表实现)

一、题目 一元多项式的操作 设有两个一元多项式&#xff1a; p(x)p0p1xp2x2pnxn q(x)q0q1xq2x2qmxm 多项式项的系数为实数&#xff0c;指数为整数&#xff0c;设计实现一元多项式操作的程序&#xff1a; ① 多项式链表建立&#xff1a;以&#xff08;系数&#xff0c;指数…

国内最佳的客服系统Tidio替代品是什么?

许多做跨境电商的企业都知道&#xff0c;Tidio是一款不错的为电子商务量身定制的全渠道客服系统支持工具&#xff0c;但还有其他同样不错的选择。 当前许多同类型产品以迎合欧美客户居多&#xff0c;中国用户使用不惯&#xff1b;免费版体验门槛高&#xff1b;只支持海外支付方…

【链路追踪】「Go语言」OpenTelemetry实现[gin, gRPC, log, gorm, redis]的集成

文章目录 一、OpenTelemetry的前世今生OpenTracingOpenCensus大一统 二、OpenTelemetry快速体验go快速体验OpenTelemetry系统架构尾部采样 三、通过http完成span传输函数中传递span的context 四、自定义inject和extract源码五、gRPC集成自用框架集成&#xff08;无视即可&#…

最强chrome、edge的广告拦截插件

最强chrome、edge的广告拦截插件 对于浏览器的广告是非常烦人的&#xff0c;尤其是使用百度搜索引擎时&#xff0c;总会在右侧出现百度热搜这样的东西&#xff0c;有时不经意间就会被某些热搜吸引。本来想搜索一些内容&#xff0c;结果被热搜等耗费了大量时间。 有很多人推荐…

pytorch基础语法学习:数据预处理transforms模块

来源&#xff1a;投稿 作者&#xff1a;阿克西 编辑&#xff1a;学姐 建议搭配视频食用 视频链接&#xff1a;https://ai.deepshare.net/detail/p_5df0ad9a09d37_qYqVmt85/6 系列其他文章传送门&#xff1a; pytorch基础语法学习&#xff1a;数据读取机制Dataloader与Datase…

3D点云数据转为俯瞰图Python实现代码

我主要是参考了英文博客来撰写本篇文章&#xff0c;仅作为个人学习笔记参考使用。 文章目录 一、点云数据二、图像与点云坐标三、创建点云数据的鸟瞰视图3.1 鸟瞰图的相关坐标轴3.2 限制点云数据范围3.3 将点位置映射到像素位置3.4 切换到新的零点3.5 像素值3.6 创建图像矩阵3.…

IOS最新版开通GPT-PLUS方法

前提&#xff0c;美国IP魔法 不多说了 1.拥有一个美区apple id账号 可以买&#xff0c;也可以自己申请 自己申请就打开魔法到apple官网注册&#xff0c;用gmail邮箱&#xff0c;然后地址用美国地址生成器&#xff0c;记得选免税州 2.充值礼品卡 支付宝可以充值礼品卡&…

大模型总是「胡说八道」怎么办?手把手教你如何应对!

随着 ChatGPT 的出现&#xff0c;「AI 幻觉」一词被频繁提及。那么&#xff0c;什么是 AI 幻觉&#xff1f;简单来说&#xff0c;就是大模型在一本正经地胡说八道。 不止 ChatGPT&#xff0c;其他大语言模型也经常如此&#xff0c;究其根本是大语言模型在训练的过程中存在数据偏…

驱动开发-----io模型总结(2023-5-23)

1.非阻塞模型 在我们使用open函数时&#xff0c;将打开的驱动设置为O_NONBLOCK时&#xff0c;当我们用read函数去读取硬件数据时&#xff0c;无论硬件是否有数据&#xff0c;都会往下执行&#xff0c;不会被阻塞在这里 2.阻塞模型 在我们使用open函数时&#xff0c;没有设置…

C++学习之路-变量和基本内置类型

变量和基本内置类型 一、基本内置类型1.1 算数类型1.2 带符号类型和无符号类型1.3 类型转换含有无符号类型的表达式 1.4 字面值常量整形和浮点型字面值字符和字符串字面值转义序列指定字面值的类型 二、变量2.1 变量的定义初始化列表初始化默认初始化 2.2 变量声明和定义的关系…

斐波那契数列数列相关简化1

斐波那契数列问题介绍&#xff1a; 斐波那契数列&#xff08;Fibonacci sequence&#xff09;&#xff0c;又称黄金分割数列&#xff0c;因数学家莱昂纳多斐波那契&#xff08;Leonardo Fibonacci&#xff09;以兔子繁殖为例子而引入&#xff0c;故又称为“兔子数列”&#xf…

包管理工具详解npm、yarn、cnpm、npx、pnpm

目录&#xff1a; 1 npm包管理工具 2 package配置文件 3 npm install原理 4 yarn、cnpm、npx 5 发布自己的开发包 6 pnpm使用和原理 当我们使用npm install xxxx 的时候会添加一个node_module和2个json文件&#xff1a; package.json是配置信息文件&#xff0c;  这个配…

Go完整即时通讯项目及Go的生态介绍

Go完整即时通讯项目 项目架构&#xff1a; 1 编写基本服务端-Server server.go package mainimport ("fmt""net" )// 定义服务端 type Server struct {ip stringport int }// 创建一个Server func NewServer(ip string, port int) *Server {return …

Jenkins + docker-compose 在 Centos 上搭建部署

一、前期准备 1. 检查 CentOS上 是否安装 docker 可以使用以下命令&#xff1a; sudo docker version 如果已经安装了Docker&#xff0c;它将显示有关Docker版本和构建信息的输出。如果未安装Docker&#xff0c;将收到有关命令未找到的错误消息。 2. 检查是否安装 docker-…

cookie-机制

目录 一、基础概念 二、cookie的处理方式 一、基础概念 1、cookie是存储在客户端的一组键值对 2、web中cookie的典型应用&#xff1a;免密登陆 3、cookie和爬虫之间的关联 有时&#xff0c;对一张页面进行请求的时候&#xff0c;如果请求的过程中不携带cookie的话&#xf…

Openai+Coursera: ChatGPT Prompt Engineering(四)

想和大家分享一下最近学习的Coursera和openai联合打造ChatGPT Prompt Engineering在线课程.以下是我写的关于该课程的前两篇博客&#xff1a; ChatGPT Prompt Engineering(一)ChatGPT Prompt Engineering(二)ChatGPT Prompt Engineering(三) 今天我们来学习第三部分内容&…

Java on Azure Tooling 4月更新|路线图更新及 Azure Toolkit for IntelliJ 增强

作者&#xff1a;Jialuo Gan - Program Manager, Developer Division at Microsoft 排版&#xff1a;Alan Wang 大家好&#xff0c;欢迎来到 Java on Azure 工具产品的4月更新。让我们首先来谈谈我们对未来几个月的 Java on Azure 开发工具的投资。在这次更新中&#xff0c;我们…