查看“Apache配置HTTPS”的源代码
←
Apache配置HTTPS
跳到导航
跳到搜索
因为以下原因,您没有权限编辑本页:
您所请求的操作仅限于该用户组的用户使用:
用户
您可以查看和复制此页面的源代码。
== Apache 2.4 == === 安装openssl === <syntaxhighlight lang="shell-session"> root@aade5ae73079:/var/www/html# yum install openssl </syntaxhighlight> === 生成私钥 === <syntaxhighlight lang="shell-session"> root@aade5ae73079:/var/www/html# openssl genrsa -out jihongchang.key 2048 Generating RSA private key, 2048 bit long modulus (2 primes) ................................+++++ .........+++++ e is 65537 (0x010001) root@aade5ae73079:/var/www/html# </syntaxhighlight>-out说明其为输出文件,2048是其密钥位数。 得到 jihongchang.key 私钥文件 === 生成证书申请 === <syntaxhighlight lang="shell-session"> root@aade5ae73079:/var/www/html# openssl req -new -key jihongchang.key -out jihongchang.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:CN State or Province Name (full name) [Some-State]:Beijing Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []: Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: root@aade5ae73079:/var/www/html# </syntaxhighlight>得到 jihongchang.csr 证书申请文件,内含申请信息 === 自己给自己签证 === <syntaxhighlight lang="shell-session"> root@aade5ae73079:/var/www/html# openssl x509 -req -days 365 -in jihongchang.csr -signkey jihongchang.key -out jihongchang.crt Signature ok subject=C = CN, ST = Beijing, O = Internet Widgits Pty Ltd Getting Private key </syntaxhighlight>得到 jihongchang.crt 证书文件 === 确认监听了443端口 === <syntaxhighlight lang="shell-session"> root@aade5ae73079:/etc/apache2/sites-available# cat /etc/apache2/ports.conf # If you just change the port or add more ports here, you will likely also # have to change the VirtualHost statement in # /etc/apache2/sites-enabled/000-default.conf Listen 80 <IfModule ssl_module> Listen 443 </IfModule> <IfModule mod_gnutls.c> Listen 443 </IfModule> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet </syntaxhighlight> === 复制要用到的可用组件目录中的ssl相关文件到启用组件目录 === <syntaxhighlight lang="shell-session"> root@aade5ae73079:/var/www/html# cp /etc/apache2/mods-available/ssl.conf /etc/apache2/mods-enabled/ root@aade5ae73079:/var/www/html# cp /etc/apache2/mods-available/ssl.load /etc/apache2/mods-enabled/ root@aade5ae73079:/var/www/html# cp /etc/apache2/mods-available/socache_shmcb.load /etc/apache2/mods-enabled/ root@aade5ae73079:/var/www/html# cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/ </syntaxhighlight> === 变更ssl相关的配置文件 === <syntaxhighlight lang="shell-session"> root@aade5ae73079:/var/www/html# vim /etc/apache2/sites-enabled/default-ssl.conf </syntaxhighlight> [[文件:Apache SSL配置.png|无|缩略图|700x700像素]] === 确认虚拟主机供应商后台开放443端口 === === 如果是docker容器,确认443端口映射 === ===哎~支持 HTTPS 协议了,但是自签的证书浏览器不认,买机构的就行了=== [[文件:HTTPS warning1.png|无|缩略图|600x600像素]][[文件:HTTPS warning3.png|无|缩略图|600x600像素]][[文件:HTTPS warning4.png|无|缩略图|557x557像素]] === 阿里云个人网站证书价格 === [[文件:Aliyun crt fee.png|无|缩略图|600x600像素]]
返回至
Apache配置HTTPS
。
导航菜单
个人工具
登录
名字空间
页面
讨论
变种
视图
阅读
查看源代码
查看历史
更多
搜索
导航
首页
Spring Boot 2 零基础入门
Spring Cloud
Spring Boot
设计模式之禅
VUE
Vuex
Maven
算法
技能树
Wireshark
IntelliJ IDEA
ElasticSearch
VirtualBox
软考
正则表达式
程序员精讲
软件设计师精讲
初级程序员 历年真题
C
SQL
Java
FFmpeg
Redis
Kafka
MySQL
Spring
Docker
JMeter
Apache
Linux
Windows
Git
ZooKeeper
设计模式
Python
MyBatis
软件
数学
PHP
IntelliJ IDEA
CS基础知识
网络
项目
未分类
MediaWiki
镜像
问题
健身
国债
英语
烹饪
常见术语
MediaWiki帮助
工具
链入页面
相关更改
特殊页面
页面信息