Apache 配置https 自签名证书 或者 购卖证书
购卖证书配置
<VirtualHost _default_:443> SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM SSLHonorCipherOrder on SSLCertificateFile /data/server/apache/conf/extra/cert/a_public.crt SSLCertificateKeyFile /data/server/apache/conf/extra/cert/a.key SSLCertificateChainFile /data/server/apache/conf/extra/cert/a_chain.crt ServerName 你的域名:443 DocumentRoot "/data/web/web01/" <Directory /data/web/web01/> Options FollowSymlinks DirectoryIndex index.php Allow from all AllowOverride All Require all granted </Directory> SSLEngine on <FilesMatch ".(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/data/server/apache/cgi-bin"> SSLOptions +StdEnvVars </Directory> CustomLog "/data/server/apache/logs/ssl_request_log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b" </VirtualHost>
自签名证书
利用 openssl 自己生成
#私钥 openssl genrsa -out server.key 2048 #自签名证书 openssl req -new -x509 -nodes -sha1 -days 365 -key server.key -out server.crt -extensions usr_cert 执行后,遇到 Common Name (e.g. server FQDN or YOUR name) []: 填写你需要的域名或者ip ----------------- openssl genrsa -out 127_0_0_1_server.key 2048 openssl req -new -x509 -nodes -sha1 -days 3650 -key 127_0_0_1_server.key -out 127_0_0_1_server.crt -extensions usr_cert
其他参考地址: