Ubuntu Apache服务器配置SSL证书

最新推荐文章于 2024-04-17 08:00:00 发布

SlowFeather

最新推荐文章于 2024-04-17 08:00:00 发布

阅读量445

点赞数 1

分类专栏： Linux 文章标签： apache ubuntu ssl https

本文链接：https://blog.csdn.net/a71468293a/article/details/106692793

版权

Linux 专栏收录该内容

12 篇文章 1 订阅

订阅专栏

Ubuntu Apache服务器配置SSL证书

简述
下载证书
安装OpenSSL
开启SSL模块
上传证书
配置SSL端口
更改Apache设置
重启apache
开启重写模块

简述

为了让网站能够被w.x.支持，无奈之下只得将http改为https，服务器环境默认安装Apache

下载证书

从阿里云免费申请SSL证书并下载（使用Apache版），会获得3个文件
xxxxxx.key 证书私钥文件
xxxxxx_chain.crt 证书链文件
xxxxxx_public.crt 证书公钥文件

安装OpenSSL

sudo apt-get install openssl

开启SSL模块

sudo a2enmod ssl

无效则输入下面两个命令

sudo ln -s /etc/apache2/mods-available/ssl.load /etc/apache2/mods-enabled/ssl.load

sudo ln -s /etc/apache2/mods-available/ssl.conf /etc/apache2/mods-enabled/ssl.conf

上传证书

新建文件夹

mkdir /etc/apache2/cert

将之前的三个文件上传到这个文件夹内

配置SSL端口

进入/etc/apache2/ports.conf

Listen 80

<IfModule ssl_module>
        Listen 443
</IfModule>

<IfModule mod_gnutls.c>
        Listen 443
</IfModule>

更改Apache设置

打开/etc/apache2/sites-enabled/000-default.conf

<VirtualHost *:443>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com
	
		#开启SSL引擎
        SSLEngine on
		#这里是那三个文件
        SSLCertificateFile /etc/apache2/cert/xxxxxx_public.crt  #腾讯云申请的证书为2_www.domain.com_cert.crt
        SSLCertificateKeyFile /etc/apache2/cert/xxxxxx.key  #腾讯云申请的证书为3_www.domain.com.key
        SSLCertificateChainFile /etc/apache2/cert/xxxxxx_chain.crt  #腾讯云申请的证书为1_root_bundle.crt

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        #这里是域名
        ServerName xxxxxx.com

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf

配置文件参数	说明
SSLEngine on	启用SSL功能
SSLCertificateFile	证书文件
SSLCertificateKeyFile	私钥文件
SSLCertificateChainFile	证书链文件

重启apache

sudo service apache2 restart

重编译（以用于更改设置后无法启动）

source /etc/apache2/envvars

开启重写模块

sudo a2enmod rewrite

SlowFeather

关注

1
点赞
踩
2

收藏

觉得还不错? 一键收藏
0
评论
Ubuntu Apache服务器配置SSL证书

Ubuntu Apache服务器配置SSL证书简述下载证书安装OpenSSL开启SSL模块上传证书配置SSL端口更改Apache设置重启apache开启重写模块简述为了让网站能够被w.x.支持，无奈之下只得将http改为https，服务器环境默认安装Apache下载证书从阿里云免费申请SSL证书并下载（使用Apache版），会获得3个文件xxxxxx.key 证书私钥文件xxxxxx_chain.crt 证书链文件xxxxxx_public.crt 证书公钥文件安装OpenSSLsu
复制链接

扫一扫