zoukankan      html  css  js  c++  java

  • linux Apache设置https访问以及加载mod_ssl.so模块以及问题解决

    开始之前的话:

    1.配置好服务器防火墙的443端口规则;

    2.购买好证书文件,我是沃通证书,准备好证书,这里不演示证书的购买和安装。

    3.根据服务器类型下载文件,apache一共有4个文件

    这里提供沃通apache安装ssl教程,百度云盘连接:链接:https://pan.baidu.com/s/1okIKQ67PtR82XFYXYhiK7w  提取码:jfj5

    4.我的apache是编译安装的,文件目录在/usr/local/apache    按照以上文档设置后发现是缺少mod-ssl.so这个模块的。所以我设置好配置文件后重启服务直接报错

    [root@www bin]# ./apachectl -k restart
Syntax error on line 60 of /usr/local/apache/conf/extra/httpd-ssl.conf:
Invalid command 'SSLCipherSuite', perhaps misspelled or defined by a module not included in the server configuration

    查阅资料发现也的确是这个模块未安装,因为是编译安装的,所以只能下载对应的版本文件上传编译安装这个模块

    5.查找自己的apache版本:

    [root@www bin]# ./apachectl -v
Server version: Apache/2.2.34 (Unix)
Server built:   Aug  4 2017 04:25:09

    是apache/2.2.34版本,

    6.根据服务器apache版本下载对应版本:apache历史版本下载 (好像要梯子,我是直接香港服务器下载的)

    去官网下载对应的版本httpd2.2.34.tar.gz

    7.解压下载的版本文件 将modules下的loggers,ssl两个文件【一定是两个文件否则出错】放到服务器端apache的modules下

    [root@www apache]# cd modules/
[root@www modules]# ls  ##这里是没有要上传的两个文件目录
httpd.exp           mod_authn_dbd.so        mod_authz_owner.so  mod_deflate.so     mod_ident.so         mod_mime.so         mod_suexec.so
libphp5.so          mod_authn_dbm.so        mod_authz_user.so   mod_dir.so         mod_imagemap.so      mod_negotiation.so  mod_unique_id.so
mod_actions.so      mod_authn_default.so    mod_autoindex.so    mod_dumpio.so      mod_include.so       mod_reqtimeout.so   mod_userdir.so
mod_alias.so        mod_authn_file.so       mod_cern_meta.so    mod_env.so         mod_info.so          mod_rewrite.so      mod_usertrack.so
mod_asis.so         mod_authz_dbm.so        mod_cgi.so          mod_expires.so     mod_log_config.so    mod_setenvif.so     mod_version.so
mod_auth_basic.so   mod_authz_default.so    mod_dav_fs.so       mod_ext_filter.so  mod_log_forensic.so  mod_speling.so      mod_vhost_alias.so
mod_auth_digest.so  mod_authz_groupfile.so  mod_dav.so          mod_filter.so      mod_logio.so         mod_status.so
mod_authn_anon.so   mod_authz_host.so       mod_dbd.so          mod_headers.so     mod_mime_magic.so    mod_substitute.so
[root@www modules]# ll   ###在这个文件目录下也没有所需的mod_ssl.so模块
total 39248
-rw-r--r-- 1 root root     9377 Aug  4  2017 httpd.exp
-rwxr-xr-x 1 root root 37156191 Aug  4  2017 libphp5.so
drwxr-xr-x 2 root root     4096 Jul  1 15:32 loggers   ##上传好的文件
-rwxr-xr-x 1 root root    29682 Aug  4  2017 mod_actions.so
-rwxr-xr-x 1 root root    42461 Aug  4  2017 mod_alias.so
-rwxr-xr-x 1 root root    26746 Aug  4  2017 mod_asis.so
-rwxr-xr-x 1 root root    31555 Aug  4  2017 mod_auth_basic.so
-rwxr-xr-x 1 root root    75321 Aug  4  2017 mod_auth_digest.so
-rwxr-xr-x 1 root root    28015 Aug  4  2017 mod_authn_anon.so
-rwxr-xr-x 1 root root    33221 Aug  4  2017 mod_authn_dbd.so
-rwxr-xr-x 1 root root    28936 Aug  4  2017 mod_authn_dbm.so
-rwxr-xr-x 1 root root    25020 Aug  4  2017 mod_authn_default.so
-rwxr-xr-x 1 root root    29331 Aug  4  2017 mod_authn_file.so
-rwxr-xr-x 1 root root    32931 Aug  4  2017 mod_authz_dbm.so
-rwxr-xr-x 1 root root    25082 Aug  4  2017 mod_authz_default.so
-rwxr-xr-x 1 root root    32860 Aug  4  2017 mod_authz_groupfile.so
-rwxr-xr-x 1 root root    32531 Aug  4  2017 mod_authz_host.so
-rwxr-xr-x 1 root root    28441 Aug  4  2017 mod_authz_owner.so
-rwxr-xr-x 1 root root    27019 Aug  4  2017 mod_authz_user.so
-rwxr-xr-x 1 root root    96568 Aug  4  2017 mod_autoindex.so
-rwxr-xr-x 1 root root    31153 Aug  4  2017 mod_cern_meta.so
-rwxr-xr-x 1 root root    73833 Aug  4  2017 mod_cgi.so
-rwxr-xr-x 1 root root   185754 Aug  4  2017 mod_dav_fs.so
-rwxr-xr-x 1 root root   345418 Aug  4  2017 mod_dav.so
-rwxr-xr-x 1 root root    56796 Aug  4  2017 mod_dbd.so
-rwxr-xr-x 1 root root    71840 Aug  4  2017 mod_deflate.so
-rwxr-xr-x 1 root root    31959 Aug  4  2017 mod_dir.so
-rwxr-xr-x 1 root root    31867 Aug  4  2017 mod_dumpio.so
-rwxr-xr-x 1 root root    28846 Aug  4  2017 mod_env.so
-rwxr-xr-x 1 root root    37566 Aug  4  2017 mod_expires.so
-rwxr-xr-x 1 root root    60673 Aug  4  2017 mod_ext_filter.so
-rwxr-xr-x 1 root root    48974 Aug  4  2017 mod_filter.so
-rwxr-xr-x 1 root root    55132 Aug  4  2017 mod_headers.so
-rwxr-xr-x 1 root root    33238 Aug  4  2017 mod_ident.so
-rwxr-xr-x 1 root root    47520 Aug  4  2017 mod_imagemap.so
-rwxr-xr-x 1 root root   125357 Aug  4  2017 mod_include.so
-rwxr-xr-x 1 root root    50893 Aug  4  2017 mod_info.so
-rwxr-xr-x 1 root root    83862 Aug  4  2017 mod_log_config.so
-rwxr-xr-x 1 root root    35269 Aug  4  2017 mod_log_forensic.so
-rwxr-xr-x 1 root root    29510 Aug  4  2017 mod_logio.so
-rwxr-xr-x 1 root root    76780 Aug  4  2017 mod_mime_magic.so
-rwxr-xr-x 1 root root    51248 Aug  4  2017 mod_mime.so
-rwxr-xr-x 1 root root   102460 Aug  4  2017 mod_negotiation.so
-rwxr-xr-x 1 root root    41673 Aug  4  2017 mod_reqtimeout.so
-rwxr-xr-x 1 root root   164579 Aug  4  2017 mod_rewrite.so
-rwxr-xr-x 1 root root    39321 Aug  4  2017 mod_setenvif.so
-rwxr-xr-x 1 root root    36386 Aug  4  2017 mod_speling.so
-rwxr-xr-x 1 root root    58503 Aug  4  2017 mod_status.so
-rwxr-xr-x 1 root root    41166 Aug  4  2017 mod_substitute.so
-rwxr-xr-x 1 root root    27954 Aug  4  2017 mod_suexec.so
-rwxr-xr-x 1 root root    30111 Aug  4  2017 mod_unique_id.so
-rwxr-xr-x 1 root root    31342 Aug  4  2017 mod_userdir.so
-rwxr-xr-x 1 root root    37930 Aug  4  2017 mod_usertrack.so
-rwxr-xr-x 1 root root    23067 Aug  4  2017 mod_version.so
-rwxr-xr-x 1 root root    37708 Aug  4  2017 mod_vhost_alias.so
drwxr-xr-x 2 root root     4096 Jul  1 15:32 ssl  ##上传好的文件

    8.cd到服务端的modules/ssl目录;执行命令: apxs -i -c -a -D HAVE_OPENSSL=1 -I /usr/include/openssl -lcrypto -lssl -ldl *.c 即可

    [root@www modules]# cd ssl/
[root@www ssl]# ls
config.m4    mod_ssl.mak          ssl_engine_dh.c      ssl_engine_pphrase.c  ssl_expr_parse.c  ssl_scache.c          ssl_util_ssl.c
Makefile.in  NWGNUmakefile        ssl_engine_init.c    ssl_engine_rand.c     ssl_expr_parse.h  ssl_scache_dbm.c      ssl_util_ssl.h
mod_ssl.c    README               ssl_engine_io.c      ssl_engine_vars.c     ssl_expr_parse.y  ssl_scache_dc.c
mod_ssl.dep  README.dsov.fig      ssl_engine_kernel.c  ssl_expr.c            ssl_expr_scan.c   ssl_scache_shmcb.c
mod_ssl.dsp  README.dsov.ps       ssl_engine_log.c     ssl_expr_eval.c       ssl_expr_scan.l   ssl_toolkit_compat.h
mod_ssl.h    ssl_engine_config.c  ssl_engine_mutex.c   ssl_expr.h            ssl_private.h     ssl_util.c
[root@www ssl]# apxs -i -c -a -D HAVE_OPENSSL=1 -I /usr/include/openssl -lcrypto -lssl -ldl *.c 
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o mod_ssl.lo mod_ssl.c && touch mod_ssl.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_config.lo ssl_engine_config.c && touch ssl_engine_config.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_dh.lo ssl_engine_dh.c && touch ssl_engine_dh.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_init.lo ssl_engine_init.c && touch ssl_engine_init.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_io.lo ssl_engine_io.c && touch ssl_engine_io.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_kernel.lo ssl_engine_kernel.c && touch ssl_engine_kernel.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_log.lo ssl_engine_log.c && touch ssl_engine_log.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_mutex.lo ssl_engine_mutex.c && touch ssl_engine_mutex.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_pphrase.lo ssl_engine_pphrase.c && touch ssl_engine_pphrase.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_rand.lo ssl_engine_rand.c && touch ssl_engine_rand.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_engine_vars.lo ssl_engine_vars.c && touch ssl_engine_vars.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_expr.lo ssl_expr.c && touch ssl_expr.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_expr_eval.lo ssl_expr_eval.c && touch ssl_expr_eval.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_expr_parse.lo ssl_expr_parse.c && touch ssl_expr_parse.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_expr_scan.lo ssl_expr_scan.c && touch ssl_expr_scan.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_scache.lo ssl_scache.c && touch ssl_scache.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_scache_dbm.lo ssl_scache_dbm.c && touch ssl_scache_dbm.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_scache_dc.lo ssl_scache_dc.c && touch ssl_scache_dc.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_scache_shmcb.lo ssl_scache_shmcb.c && touch ssl_scache_shmcb.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_util.lo ssl_util.c && touch ssl_util.slo
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -I/usr/include/openssl -DHAVE_OPENSSL=1  -c -o ssl_util_ssl.lo ssl_util_ssl.c && touch ssl_util_ssl.slo
/usr/local/apache/build/libtool --silent --mode=link gcc -o mod_ssl.la  -lcrypto -lssl -ldl -rpath /usr/local/apache/modules -module -avoid-version    ssl_util_ssl.lo ssl_util.lo ssl_scache_shmcb.lo ssl_scache_dc.lo ssl_scache_dbm.lo ssl_scache.lo ssl_expr_scan.lo ssl_expr_parse.lo ssl_expr_eval.lo ssl_expr.lo ssl_engine_vars.lo ssl_engine_rand.lo ssl_engine_pphrase.lo ssl_engine_mutex.lo ssl_engine_log.lo ssl_engine_kernel.lo ssl_engine_io.lo ssl_engine_init.lo ssl_engine_dh.lo ssl_engine_config.lo mod_ssl.lo
/usr/local/apache/build/instdso.sh SH_LIBTOOL='/usr/local/apache/build/libtool' mod_ssl.la /usr/local/apache/modules
/usr/local/apache/build/libtool --mode=install cp mod_ssl.la /usr/local/apache/modules/
libtool: install: cp .libs/mod_ssl.so /usr/local/apache/modules/mod_ssl.so
libtool: install: cp .libs/mod_ssl.lai /usr/local/apache/modules/mod_ssl.la
libtool: install: cp .libs/mod_ssl.a /usr/local/apache/modules/mod_ssl.a
libtool: install: chmod 644 /usr/local/apache/modules/mod_ssl.a
libtool: install: ranlib /usr/local/apache/modules/mod_ssl.a
libtool: finish: PATH="/usr/local/mysql/bin:/usr/local/php/bin:/usr/local/apache/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/sbin" ldconfig -n /usr/local/apache/modules
----------------------------------------------------------------------
Libraries have been installed in:
   /usr/local/apache/modules     ###库已经安装在这个目录,安装完成

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the '-LLIBDIR'
flag during linking and do at least one of the following:
   - add LIBDIR to the 'LD_LIBRARY_PATH' environment variable
     during execution
   - add LIBDIR to the 'LD_RUN_PATH' environment variable
     during linking
   - use the '-Wl,-rpath -Wl,LIBDIR' linker flag
   - have your system administrator add LIBDIR to '/etc/ld.so.conf'

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /usr/local/apache/modules/mod_ssl.so
[activating module `ssl' in /usr/local/apache/conf/httpd.conf]

    9.再次返回modlues目录可以看到已经安装mod_ssl.so

    root@www ssl]# cd ..
[root@www modules]# ls
httpd.exp           mod_authn_dbd.so        mod_authz_user.so  mod_dumpio.so      mod_info.so          mod_setenvif.so    mod_version.so
libphp5.so          mod_authn_dbm.so        mod_autoindex.so   mod_env.so         mod_log_config.so    mod_speling.so     mod_vhost_alias.so
loggers             mod_authn_default.so    mod_cern_meta.so   mod_expires.so     mod_log_forensic.so  mod_ssl.so         ssl
mod_actions.so      mod_authn_file.so       mod_cgi.so         mod_ext_filter.so  mod_logio.so         mod_status.so
mod_alias.so        mod_authz_dbm.so        mod_dav_fs.so      mod_filter.so      mod_mime_magic.so    mod_substitute.so
mod_asis.so         mod_authz_default.so    mod_dav.so         mod_headers.so     mod_mime.so          mod_suexec.so
mod_auth_basic.so   mod_authz_groupfile.so  mod_dbd.so         mod_ident.so       mod_negotiation.so   mod_unique_id.so
mod_auth_digest.so  mod_authz_host.so       mod_deflate.so     mod_imagemap.so    mod_reqtimeout.so    mod_userdir.so
mod_authn_anon.so   mod_authz_owner.so      mod_dir.so         mod_include.so     mod_rewrite.so       mod_usertrack.so

    10.重启web服务器 ./apachectl -k restart即可 因为我的apache是编译安装的,所以在apache的安装目录下的bin文件目录中执行这个重启命令

    [root@www bin]# ./ap
apachectl     apr-1-config  apu-1-config  apxs          
[root@www bin]# ./apachectl -k restart
[root@www bin]#

    11.查看https已经生效。

    12.最后:如果不是缺少了这个mod_ssl.conf模块的话不能正常加载的话那请一定按照百度云盘分享的apache教程来弄,不要漏过步骤,

                    每个apche版本不一样,可能有一些文件命令不一样和路径,但请记住一定按照教程来,通用性比较高,我的版本很低和这个教程有些路径也不太一样。

                   但是原理都一样,如果不能成功配置请多检查一下吧,本人亲测可以使用!
  • 相关阅读:
    Kubernetes 部署 Kubernetes-Dashboard v2.0.0
    Kubernetes 部署 Metrics Server 获取集群指标数据
    内网终端安全建设(转)
    内网安全运营的逻辑体系架构(转)
    thinkphp5配置文件
    MySQL索引失效的几种情况
    workman使用
    长连接技术(Long Polling)
    php好文章的记录
    php类与对象得使用场景
  • 原文地址:https://www.cnblogs.com/Crazy-Liu/p/11114629.html
Copyright © 2011-2022 走看看