环境: centos7.6
安装 httpd、mod_ssl、openssl
yum install httpd mod_ssl openssl
生成私钥
cd /etc/pki/tls/private/
openssl genrsa -out server.key 2048
生成证书请求文件,需要填写信息,例如:cn/gd/zh/sourcecode/bdc/www.a.com
openssl req -new -key server.key -out server.csr
自签名
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
mv server.crt ../certs/
修改 ssl 配置文件 /etc/httpd/conf.d/ssl.conf
...
ServerName www.a.com:443
...
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/private/server.key
...
启动 httpd
systemctl start httpd
开启 443、80 端口
firewall-cmd --permanent --add-port 80/tcp
firewall-cmd --permanent --add-port 443/tcp
firewall-cmd --reload
访问网址
https://ip