zoukankan      html  css  js  c++  java
  • 配置apache使用https访问

    1. 准备

      yum install mod_ssl openssl

    2. 生成一个自签名证书

      cd /etc/pki/CA
      1.生成2048位的加密私钥
      openssl genrsa -out server.key 2048
      2.生成证书签名请求
      openssl req -new -key server.key -out server.csr

      You are about to be asked to enter information that will be incorporated
      into your certificate request.
      What you are about to enter is what is called a Distinguished Name or a DN.
      There are quite a few fields but you can leave some blank
      For some fields there will be a default value,
      If you enter '.', the field will be left blank.
      Country Name (2 letter code) [XX]:CN
      State or Province Name (full name) []:beijing
      Locality Name (eg, city) [Default City]:beijing
      Organization Name (eg, company) [Default Company Ltd]:test.com
      Organizational Unit Name (eg, section) []:test
      Common Name (eg, your name or your server's hostname) []:test.com
      Email Address []:test@qq.com

      Please enter the following 'extra' attributes
      to be sent with your certificate request
      A challenge password []:123456

      An optional company name []:test
      3.生成类型为X509的自签名证书(有效期36500天)
      openssl x509 -req -days 36500 -in server.csr -signkey server.key -out server.crt

    3.配置Apache服务

    vim /etc/httpd/conf.d/ssl.conf
    1.修改下面的内容
    SSLCertificateFile /etc/pki/CA/server.crt
    SSLCertificateKeyFile /etc/pki/CA/server.key
    2.重启Apache
    /etc/init.d/httpd restart
    

    4.调整虚拟主机

    cd /etc/httpd/conf.d
    vim test.conf
    添加以下内容
    NameVirtualHost *:443
    <VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/CA/server.crt
    SSLCertificateKeyFile /etc/pki/CA/server.key
    <Directory /var/www/html/>
        AllowOverride All
    </Directory>
    ServerAdmin email@example.com
    DocumentRoot /var/www/html/
    ServerName www.test.com
    </VirtualHost>
    

    5.测试访问

    1.因为域名只是一个测试的,所以需要再Windows下绑定hosts,自定绑定
    2.访问测试
    https://Ip
    技术交流群:190655608
  • 相关阅读:
    redis的持久化机制和数据同步
    树莓派开机自动运行脚本或者程序
    树莓派安装Firefox+Selenium+geckodriver
    树莓派修改启动界面
    树莓派安装使用RXTX
    树莓派开启或关闭开启自动登陆
    树莓派USB存储设备自动挂载并通过脚本实现自动拷贝,自动播放视频,脚本自动升级等功能
    树莓派镜像使用帮助
    BlueZ
    (转)MQTT 入门介绍
  • 原文地址:https://www.cnblogs.com/yuhuLin/p/7025857.html
Copyright © 2011-2022 走看看