生成证书
切换用户
su - apache
切换目录
cd /opt/apache/bin
生成key(需要输入至少4位密码,后面还会用到)
openssl genrsa -des3 -out apache.key 2048
生成csr
openssl req -new -key apache.key -out apache.csr
生成自签名crt
openssl x509 -req -days 365 -in apache.csr -signkey apache.key -out apache.crt
转移key、crt
cd ../conf
mkdir ssl.crt ssl.key
mv ../bin/apache.key ssl.key
mv ../bin/apache.crt ssl.crt
修改配置
修改httpd.conf
cp httpd.conf httpd.conf_bak
vim httpd.conf
----------------------------------------------
Listen 443
LoadModule ssl_module modules/mod_ssl.so
LoadModule rewrite_module modules/mod_rewrite.so
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile conf/ssl.crt/apache.crt
SSLCertificateKeyFile conf/ssl.key/apache.key
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
</VirtualHost>
SSLPassPhraseDialog exec:conf/passphrase-file
创建passphrase-file
vim passphrase-file
-----------------------------------------
#!/bin/sh
echo "你的密钥"
重启服务
su - root
cd /opt/otm62webdev/apache/bin
./apachectl -t
./apachectl start
验证
访问https://xx.xx.xx.xx
因为是自签名证书,所以显示invalid
报错
启动报错Permission denied
切换root用户启动