RHCE作业

Alone(知秋)

已于 2023-04-27 18:32:41 修改

阅读量80

点赞数 1

文章标签： linux 服务器运维

于 2023-04-18 17:49:06 首次发布

本文链接：https://blog.csdn.net/Newcomer_L/article/details/130227579

版权

文章描述了如何为Openlab搭建基于域名www.openlab.com的web网站，包括创建显示欢迎信息的主页和三个子界面：学生信息、教学资料和缴费网站。学生信息页面仅限song和tian访问，缴费网站实现了HTTPS加密。在配置过程中，提到了ApacheHTTPD服务器的配置、访问控制、用户认证以及自签名SSL证书的生成和使用。

摘要由CSDN通过智能技术生成

综合练习：
请给openlab搭建web网站 网站需求： 
1.基于域名[www.openlab.com](http://www.openlab.com)
可以访问网站内容为 welcome to openlab!!!
2.给该公司创建三个子界面分别显示学生信息，教学资料和缴费网站，基于[www.openlab.com/student](http://www.openlab.com/student) 
网站访问学生信息，[www.openlab.com/data](http://www.openlab.com/data)网站访问教学资料 [www.openlab.com/money网站访问缴费网站](https://www.openlab.com/money网站访问缴费网站)。 
3.要求 （1）学生信息网站只有song和tian两人可以访问，其他用户不能访问。 （2）访问缴费网站实现数据加密基于https访问。
# 下载配置
vim /etc/yum.repos.d/base.repo
[BaseOs]
name = baseos
baseurl = file://BaseOs/mnt
gpgcheck = 0 
[AppStream]
name = AppStream
baseurl = file://AppStream/mnt
gpgcheck = 0 
mount /dev/sr0 /mnt

yum install httpd -y
yum install mod_ssl -y
# 创建资源文件
mkdir /www/{student,data}
mkdir /test/
echo "welcome to openlab!!!" > /www/index.html
echo student > /www/student/index.html
echo data > /www/data/index.html
echo money > /test/index.html


# 编辑配置文件
vim /etc/httpd/conf.d/vhosts.conf

<VirtualHost 192.168.65.129:80>
        Servername www.openlab.com
        documentroot /www
</VirtualHost>
<Directory /www/student>
        allowoverride none
        authtype Basic
        authname "user_passwd: "
        authuserfile /etc/httpd/username
        require user song tian
</Directory>

<Directory /www>
        allowoverride none
        require all granted
</Directory>


<VirtualHost 192.168.65.129:443>
        Servername www.openlab.com
        documentroot /www
        alias /money  /test
        sslengine on
        sslcertificatefile /etc/pki/tls/certs/openlab.crt
        sslcertificatekeyfile /etc/pki/tls/private/openlab.key
</VirtualHost>
<Directory /test>
        allowoverride none
        require all granted
</Directory>

# 设置访问用户
htpasswd -c /etc/httpd/username song
htpasswd -c /etc/httpd/username tian
# 生成秘钥和CA证书
openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/openlab.key -x509 -days 365 -out /etc/pki/tls/certs/openlab.crt

systemctl restart httpd
sentenforce 0

# 尽量去浏览器访问
# 通过curl会出现
curl http://www.openlab.com/student/

# 401 Unauthorized	请求要求用户的身份认证
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>

# 不要缩写 www.openlab.com/data 否则出现
# 301	Moved Permanently	永久移动。请求的资源已被永久的移动到新URI，返回信息会包括新的URI，浏览器会自动定向到新URI。今后任何新的请求都应使用新的URI代替
curl http://www.openlab.com/data/
data

curl https://www.openlab.com/money/

curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

# 使用网页访问更直观,简便