目前很多浏览器都加强了html都安全性,要求配置https。
下面都例子是在CentOS7上的Apache配置https都过程。
一、生成证书
用OpenSSL生成key和证书:
mkdir /etc/ssl/private chmod 700 /etc/ssl/private openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
二、安装配置ssl模块
yum安装模块
yum install mod_ssl vim /etc/httpd/conf.d/ssl.conf
配置文件中更改下面的内容:
DocumentRoot "/var/www/html" ServerName www.xxx.net.cn:443 SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
检验配置:
apachectl configtest
三、重启服务
systemctl restart httpd
这样Apache就有了HTTPS的服务。