Do Not Think!!!
SessionIdGeneratorBase : Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [xxx,xxx] milliseconds
-Djava.security.egd=file:/dev/./urandom
proxy_set_header Connection "";
proxy_pass http://localhost:5000;
$ openssl enc -aes-256-cbc -P -md sha1
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
salt=AB748EBD04D3F18C
key=D8ED4A206B8A8FFD56072AA4AF3560590EE960E9EFE6F916A0B544FE037DBD48
iv =B8E1FCF32932F1DDE85565032D505DC
$ vi keys.txt
1;B8E1FCF32932F1DDE85565032D505DC4;D8ED4A206B8A8FFD56072AA4AF3560590EE960E9EFE6F916A0B544FE037DBD48
$ vi my.cnf
plugin-load-add = file_key_management.so
file-key-management-filename = keys.txt
MariaDB> alter table tests encrypted=yes encryption_key_id=1;
$ vi test.ibd
암호화 전/후 비교
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
$ /sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-nginx
$ sudo certbot --nginx -d dont.pe.kr -d www.dont.pe.kr
$ sudo certbot renew --dry-run