zoukankan      html  css  js  c++  java

  • Apache 搭建HTTPS Virtual Host

    Apache 搭建HTTPS Virtual Host

    1.创建SSL证书

    首先需要安装openssl,linux系统默认已安装,如没有则用以下命令安装:

    sudo apt-get install openssl
sudo apt-get install libssl-dev
    创建证书: 

    cd /etc/ssl/private
sudo openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crt
    参数说明:

    -x509 显示证书和签名工具

    -days 证书的有效期

    -sha1 证书加密算法

    -newkey rsa:1024 创建一个新key,1024表示公钥长度为1024bits

    命令执行完会创建demo.key与demo.crt

    更多参数说明可以参考:http://www.openssl.org/docs/apps/openssl.html


    创建步骤:

    root@ubuntu:/etc/ssl/private# sudo openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crt
Generating a 1024 bit RSA private key
.......++++++
...........++++++
writing new private key to 'demo.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:GD
Locality Name (eg, city) []:GZ
Organization Name (eg, company) [Internet Widgits Pty Ltd]:fdipzone.Ltd
Organizational Unit Name (eg, section) []:test         
Common Name (eg, YOUR name) []:demo.fdipzone.com
Email Address []:fdipzone@gmail.com
root@ubuntu:/etc/ssl/private#
    需要填写的项目:

    Country Name (2 letter code) [AU]: 国家
    State or Province Name (full name) [Some-State]:省份
    Locality Name (eg, city) []:城市
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:公司名称
    Organizational Unit Name (eg, section) []: 组织单位名称  
    Common Name (eg, YOUR name) []: 填写域名
    Email Address []:电邮地址


    2.创建Virtual Host

    <VirtualHost *:443>
    DocumentRoot /home/fdipzone/demo
    ServerName demo.fdipzone.com

    <Directory "/home/fdipzone/demo">
    allow from all
    AllowOverride all
    Options -Indexes FollowSymLinks
    </Directory>

    SSLEngine on
    SSLCertificateFile /etc/ssl/private/demo.crt
    SSLCertificateKeyFile /etc/ssl/private/demo.key
    SSLCipherSuite AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
    SSLHonorCipherOrder on
</VirtualHost>

    开启SSL Engine及设置使用的证书,端口443
    SSLEngine on
    SSLCertificateFile /etc/ssl/private/demo.crt           
    SSLCertificateKeyFile /etc/ssl/private/demo.key
  • 相关阅读:
    Python简介
    名词术语 1
    TypeError: 'method' object is not subscriptable 一般是函数没加括号导致的
    MYSQL 使用命令行导入文本数据 csv数据
    日期函数格式化
    日期函数——第几天、第几周、星期几、第几季度
    日期函数——MYSQL
    集合常见面试题
    输入一个随机整数,输出对应的大写
    Oracle数据库基本sql语句
  • 原文地址:https://www.cnblogs.com/fdipzone/p/3715057.html
Copyright © 2011-2022 走看看