zoukankan      html  css  js  c++  java
  • Apache配置https,及多个https配置

    Apache配置https,及多个https配置

    1、单个https配置

    检查相关依赖,如果没有就yum安装

    yum install mod_ssl openssl

    rpm -qa| grep mod_ssl

     

    rpm -qa| grep openssl

     

    安装完成后会生成一个

    /etc/httpd/conf.d/ssl.conf文件

    然后把申请的证书上传上去自定义一个目录

    创建一个存放证书的目录

    mkdir /etc/httpd/conf/ssl/

     

    上传证书(证书我公司是阿里云申请的)

    开始配置ssl.conf文件,对源文件做备份

     

    开启你网站的目录

     

    将servername设置为你的域名

    注释掉原有的

    SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM

     

    开启ssl,设置为SSLHonorCipherOrder on

     

    配置你证书路径

    重启apache就好了!

    如果访问时候没有权限就需要配置httpd.conf

     

    测试访问:https://htcm-test.com                      ok

    2、当一台服务器有多个域名配置https时,在ssl配置文件增加VirtualHost 就好,跟apache是一样的。

    vim  ssl.conf

    #第一个https

    <VirtualHost _default_:443>

    #DocumentRoot "/var/www/html"
    ServerName www.aaaaa.com:443

    # Use separate log files for the SSL virtual host; note that LogLevel
    # is not inherited from httpd.conf.
    ErrorLog logs/ssl_error_log
    TransferLog logs/ssl_access_log
    LogLevel warn

    # SSL Engine Switch:
    # Enable/Disable SSL for this virtual host.
    SSLEngine on
    SSLProxyEngine on
    # 添加 SSL 协议支持协议,去掉不安全的协议
    SSLProtocol all -SSLv2 -SSLv3
    # 修改加密套件如下
    SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
    SSLHonorCipherOrder on
    # 证书
    SSLCertificateFile /etc/httpd/conf/confluence/2054465_aaaa.com_public.crt
    SSLCertificateKeyFile /etc/httpd/conf/confluence/2054465_aaaa.com.key

    SSLCertificateChainFile /etc/httpd/conf/confluence/2054465_aaaa.com_chain.crt

    </VirtualHost>

    #第二个https

    <VirtualHost _default_:443>

    #DocumentRoot "/var/www/html"
    ServerName www.aaaaa.com:443

    # Use separate log files for the SSL virtual host; note that LogLevel
    # is not inherited from httpd.conf.
    ErrorLog logs/ssl_error_log
    TransferLog logs/ssl_access_log
    LogLevel warn

    # SSL Engine Switch:
    # Enable/Disable SSL for this virtual host.
    SSLEngine on
    SSLProxyEngine on
    # 添加 SSL 协议支持协议,去掉不安全的协议
    SSLProtocol all -SSLv2 -SSLv3
    # 修改加密套件如下
    SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
    SSLHonorCipherOrder on
    # 证书
    SSLCertificateFile /etc/httpd/conf/confluence/2054465_aaaa.com_public.crt
    SSLCertificateKeyFile /etc/httpd/conf/confluence/2054465_aaaa.com.key

    SSLCertificateChainFile /etc/httpd/conf/confluence/2054465_aaaa.com_chain.crt

     </VirtualHost>

  • 相关阅读:
    494 Target Sum 目标和
    493 Reverse Pairs 翻转对
    492 Construct the Rectangle 构建矩形
    491 Increasing Subsequences 递增子序列
    488 Zuma Game 祖玛游戏
    486 Predict the Winner 预测赢家
    485 Max Consecutive Ones 最大连续1的个数
    483 Smallest Good Base
    Django Form组件
    Django Auth组件
  • 原文地址:https://www.cnblogs.com/sxshaolong/p/10186334.html
Copyright © 2011-2022 走看看