httpd安装
源码安装
[root@http ~]# wget https://downloads.apache.org/httpd/httpd-2.4.54.tar.bz2 https://downloads.apache.org/apr/apr-1.6.5.tar.bz2 https://downloads.apache.org/apr/apr-util-1.6.1.tar.bz2 安装包下载完成 #下载并加入组 [root@http ~]# dnf groups mark install -y "Development Tools" Last metadata expiration check: 0:53:39 ago on Thu 14 Jul 2022 03:34:14 PM CST. Dependencies resolved. ============================================================================= Package Architecture Version Repository Size ============================================================================= Installing Groups: Development Tools Transaction Summary ============================================================================= Complete! #下载环境依赖包 [root@http ~]# dnf install -y wget vim gcc gcc-c++ make pcre-devel expat-devel libxml2-devel libxml2 Upgraded: expat-2.2.5-9.el8.x86_64 libxml2-2.9.7-14.el8.x86_64 Installed: cmake-filesystem-3.20.2-4.el8.x86_64 expat-devel-2.2.5-9.el8.x86_64 gpm-libs-1.20.7-17.el8.x86_64 libxml2-devel-2.9.7-14.el8.x86_64 vim-common-2:8.0.1763-19.el8.4.x86_64 vim-enhanced-2:8.0.1763-19.el8.4.x86_64 vim-filesystem-2:8.0.1763-19.el8.4.noarch xz-devel-5.2.4-3.el8.x86_64 Complete! #解压第一个压缩包 步骤必须是一个一个来 [root@http ~]# ls anaconda-ks.cfg apr-util-1.6.1.tar.bz2 apr-1.6.5.tar.bz2 httpd-2.4.54.tar.bz2 [root@http ~]# tar xf apr-1.6.5.tar.bz2 解决错误 tar (child): lbzip2: Cannot exec: No such file or directory tar (child): Error is not recoverable: exiting now tar: Child returned status 2 tar: Error is not recoverable: exiting now [root@http ~]# yum -y install bzip2 下载 Preparing : 1/1 Installing : bzip2-1.0.6-26.el8.x86_64 1/1 Running scriptlet: bzip2-1.0.6-26.el8.x86_64 1/1 Verifying : bzip2-1.0.6-26.el8.x86_64 1/1 Installed: bzip2-1.0.6-26.el8.x86_64 Complete! [root@http ~]# tar xf apr-1.6.5.tar.bz2 [root@http ~]# ls apr-1.6.5.tar.bz2 httpd-2.4.54.tar.bz2 apr-1.6.5 apr-util-1.6.1.tar.bz2 [root@http ~]# cd apr-1.6.5 [root@http apr-1.6.5]# ls apr-config.in build-outputs.mk helpers misc strings apr.dep CHANGES include mmap support apr.dsp CMakeLists.txt libapr.dep network_io tables apr.dsw config.layout libapr.dsp NOTICE test apr.mak configure libapr.mak NWGNUmakefile threadproc apr.pc.in configure.in libapr.rc passwd time apr.spec docs LICENSE poll tools atomic dso locks random user build emacs-mode Makefile.in README build.conf encoding Makefile.win README.cmake buildconf file_io memory shmem 接下来查找配置文件 修改 vi configure 编辑 查找/cfgfile 注释掉这一行,否则后面预编译会报错 # $Rm $cfgfile 预编译 指定路径 ./configure --prefix=/usr/local/apr 预编译 make && make install 完成第二个解压缩apr-util [root@http ~]# tar xf apr-util-1.6.1.tar.bz2 [root@http ~]# ls apr-1.6.5.tar.bz2 apr-util-1.6.1.tar.bz2 apr-1.6.5 apr-util-1.6.1 httpd-2.4.54.tar.bz2 查看帮忙信息添加--with-apr=/usr/local/apr [root@http apr-util-1.6.1]# ./configure --help | grep apr --with-apr=PATH 指定在一起因为和apr是依赖关系 /.configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr 完成 #预编译 make && make install 解压httpd-2.4.54.tar.bz2 [root@http ~]#tar xf httpd-2.4.54.tar.bz2 [root@http ~]# ls apr-1.6.5.tar.bz2 apr-util-1.6.1.tar.bz2 apr-1.6.5 apr-util-1.6.1 httpd-2.4.54.tar.bz2 httpd-2.4.54 #进行关联 apr apr-util ./configure --prefix=/usr/local/apache --with-apr=/usr/local/apr --with-apr•util=/usr/local/apr-util #预编译下载 make && make install 服务启动 [root@http ~]# cd /usr/local/ [root@http local]# ls apache apr-util etc include lib64 nginx share apr bin games lib libexec sbin src [root@http local]# cd apache/ [root@http apache]# ls bin cgi-bin error icons logs manual build conf htdocs include man modules 查看ip [root@http local]# ip addr show ens32 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:68:62:82 brd ff:ff:ff:ff:ff:ff inet 192.168.47.134/24 brd 192.168.47.255 scope global dynamic noprefixroute ens32 valid_lft 1338sec preferred_lft 1338sec inet6 fe80::20c:29ff:fe68:6282/64 scope link noprefixroute valid_lft forever preferred_lft forever #进行网页访问
访问网页效果显示
#进行环境变量 [root@http bin]# vi /etc/profile.d/apache.sh export PATH=$PATH:/usr/loacl/apache/bin [root@http bin]# source /etc/profile.d/apache.sh 刷新 [root@http apache]# cd bin/ [root@http bin]# ls ab checkgid envvars-std htdbm httpd rotatelogs apachectl dbmmanage fcgistarter htdigest httxt2dbm apxs envvars htcacheclean htpasswd logresolve --启动 [root@http bin]# /usr/local/apache/bin/apachectl start [root@http bin]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 *:80 *:* httpd已启动 Mysql官方网站 4. 源码包分类 源码格式(需要编译安装) 二进制格式(解压后可以直接使用) 5. 源码包的安装 编译需要编译环境,开发环境,开发库,开发工具。 常用的编译环境有c、c++、perl、java、python5种 c环境的编译器:gcc(GNU C Complier) c++环境的编译器:g++ LISTEN 0 128 [::]:22 [::]:* #创建软链接印射,方便日后当apache删除后可以重新恢复 [root@http apache]# ln -s /usr/local/apache/include/ /usr/include/apache [root@http apache]# ls bin cgi-bin error icons logs manual build conf htdocs include(头部文件) man modules 查看 [root@http apache]# ll /usr/include/ | grep include/ lrwxrwxrwx. 1 root root 26 Jul 14 17:12 apache ->/usr/local/apache/include/ [root@http apache]# vi /etc/man_db.conf MANDATORY_MANPATH /usr/local/apache/man 有lib的情况下 [root@http apache]# vi /etc/man_db.conf [root@http apache]# mkdir lib [root@http apache]# cd lib/ [root@http lib]# vi /etc/ld.so.conf.d/apache.conf /usr/local/apache/lib ldconfig 快速搜索配置文件内容
yum安装
#关闭防火墙 [root@http ~]# systemctl stop firewalld [root@http ~]# systemctl disable firewalld [root@http ~]# vi /etc/selinux/config SELINUX=disabled [root@http ~]# setenforce 0 --下载httpd [root@http ~]# yum -y install httpd Last metadata expiration check: 22:28:28 ago on Wed 20 Jul 2022 07:40:03 PM CST. Package httpd-2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1.x86_64 is already installed. Dependencies resolved. Nothing to do. Complete! #启动服务 [root@http ~]# systemctl restart httpd [root@http ~]# systemctl enable httpd Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service. [root@http ~]# systemctl start httpd 查看80端口 [root@http ~]# ss -antl | grep 80 LISTEN 0 128 *:80 *:* #查看ip服务web网页 [root@http ~]# ip addr show ens32 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:68:62:82 brd ff:ff:ff:ff:ff:ff inet 192.168.47.134/24 brd 192.168.47.255 scope global dynamic noprefixroute ens32 valid_lft 1400sec preferred_lft 1400sec inet6 fe80::20c:29ff:fe68:6282/64 scope link noprefixroute valid_lft forever preferred_lft forever
#进入html创建一个index.html文件 [root@http ~]# cd /var/www/html/ [root@http html]# ls [root@http html]# echo 12345 > index.html [root@http html]# cat index.html 12345 [root@http html]# ls index.html #在访问网页
虚拟主机: 虚拟主机有三类:
-
相同IP不同端口
-
不同IP相同端口
-
相同IP相同端口不同域名
相同IP不同端口
[root@http ~]# vi /etc/httpd/conf/httpd.conf listen 81 <VirtualHost 192.168.47.134:81> DocumentRoot "/var/www/liu/" ErrorLog "/var/log/httpd/liu-error_log" CustomLog "/var/log/httpd/liu-access_log" common </VirtualHost> listen 82 <VirtualHost 192.168.47.134:82> DocumentRoot "/var/www/xu/" ErrorLog "/var/log/httpd/xu-error_log" CustomLog "/var/log/httpd/xu-access_log" common </VirtualHost> [root@http ~]# cd /var/www/ [root@http www]# ls cgi-bin html liu xu [root@http www]# echo carry > liu/index.html [root@http www]# echo jwcj > xu/index.html [root@http liu]# systemctl start httpd [root@http liu]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 *:80 *:* LISTEN 0 128 *:81 *:* LISTEN 0 128 *:82 *:* LISTEN 0 128 [::]:22 [::]:*
不同IP相同端口
[root@http www]# vi /etc/httpd/conf/httpd.conf listen 81 <VirtualHost 192.168.47.134:81> DocumentRoot "/var/www/liu/" ErrorLog "/var/log/httpd/liu-error_log" CustomLog "/var/log/httpd/liu-access_log" common </VirtualHost> <VirtualHost 192.168.47.135:81> DocumentRoot "/var/www/xu/" ErrorLog "/var/log/httpd/xu-error_log" CustomLog "/var/log/httpd/xu-access_log" common </VirtualHost> 添加ip [root@http www]# ip addr add 192.168.47.135/24 dev ens32 [root@http www]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:68:62:82 brd ff:ff:ff:ff:ff:ff inet 192.168.47.134/24 brd 192.168.47.255 scope global dynamic noprefixroute ens32 valid_lft 1606sec preferred_lft 1606sec inet 192.168.47.135/24 scope global secondary ens32 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe68:6282/64 scope link noprefixroute valid_lft forever preferred_lft forever [root@http www]# systemctl restart httpd [root@http www]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 *:80 *:* LISTEN 0 128 *:81 *:*
listen 81 <VirtualHost 192.168.47.134:81> DocumentRoot "/var/www/liu/" ErrorLog "/var/log/httpd/liu-error_log" CustomLog "/var/log/httpd/liu-access_log" common </VirtualHost> <VirtualHost 192.168.47.134:81> DocumentRoot "/var/www/xu/" ErrorLog "/var/log/httpd/xu-error_log" CustomLog "/var/log/httpd/xu-access_log" common </VirtualHost>
https加密模式
[root@http ~]# dnf -y install mod_ssl CentOS Stream 8 - AppStream 8.3 kB/s | 4.4 kB 00:00 CentOS Stream 8 - AppStream 3.3 MB/s | 24 MB 00:07 CentOS Stream 8 - BaseOS 7.8 kB/s | 3.9 kB 00:00 CentOS Stream 8 - BaseOS 5.3 MB/s | 25 MB 00:04 CentOS Stream 8 - Extras 5.5 kB/s | 2.9 kB 00:00 Dependencies resolved. ====================================================================== Package Arch Version Repo Size ====================================================================== Installing: mod_ssl x86_64 1:2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1 appstream 137 k Installing dependencies: sscg x86_64 2.3.3-15.el8 appstream 49 k Transaction Summary ====================================================================== Install 2 Packages Total download size: 187 k Installed size: 364 k Downloading Packages: (1/2): sscg-2.3.3-15.el8.x86_64.rpm 421 kB/s | 49 kB 00:00 (2/2): mod_ssl-2.4.37-47.module_el8.6 1.0 MB/s | 137 kB 00:00 ---------------------------------------------------------------------- Total 317 kB/s | 187 kB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : sscg-2.3.3-15.el8.x86_64 1/2 Installing : mod_ssl-1:2.4.37-47.module_el8.6.0+1111+ce 2/2 Running scriptlet: mod_ssl-1:2.4.37-47.module_el8.6.0+1111+ce 2/2 Verifying : mod_ssl-1:2.4.37-47.module_el8.6.0+1111+ce 1/2 Verifying : sscg-2.3.3-15.el8.x86_64 2/2 Installed: mod_ssl-1:2.4.37-47.module_el8.6.0+1111+ce6f4ceb.1.x86_64 sscg-2.3.3-15.el8.x86_64 Complete! [root@http ~]# mkdir /etc/pki/CA [root@http ~]# cd /etc/pki/CA [root@http CA]# mkdir private [root@http CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)Generating RSA private key, 2048 bit long modulus (2 primes) .........................................................+++++ ................................................................................+++++ e is 65537 (0x010001) [root@http CA]# openssl rsa -in private/cakey.pem -pubout writing RSA key -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfUgMZnDU/xQ94dVLzpO ZCESUEIq1Iw1Lr/Ib0LB44mj+GLP9bkpihJUf6jXX4WEzCU3iQoXlA8sOPtp+K5Q ou6j3XIa/qCjfy/2EQP+MUaYJf7OAVCda9iYO1UMZgD4UNbzeBbXfQ084OegrQvP 4ZZizJqztj7O9l5P4gVyI7kUUvRKCmkX6S+LMvZH5/lenStiPWXKa2wf/MscmsrT MinCnF9hgw/28w6oEIqjh01n+XScc044LZPTdOMMn23ebGc+QS7s7Ek14+vHws4Z c+5e3cyVQlaR4b3dUEKcGlYs9HqwSBN7dIQzFd+t9/ilV4h8YYx4dTB9tp8lHLoV dwIDAQAB -----END PUBLIC KEY----- [root@http CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365 You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:cn State or Province Name (full name) []:hb Locality Name (eg, city) [Default City]:wh Organization Name (eg, company) [Default Company Ltd]:runt Organizational Unit Name (eg, section) []:px Common Name (eg, your name or your server's hostname) []:www.xu.com Email Address []:1@2.com [root@http CA]# openssl x509 -text -in cacert.pem Certificate: Data: Version: 3 (0x2) Serial Number: 7d:f9:d2:d9:a3:1b:5b:91:a4:3b:98:b7:55:ce:b6:17:c0:f2:6a:2e Signature Algorithm: sha256WithRSAEncryption Issuer: C = cn, ST = hb, L = wh, O = runt, OU = px, CN = www.xu.com, emailAddress = 1@2.com Validity Not Before: Jul 21 15:25:54 2022 GMT Not After : Jul 21 15:25:54 2023 GMT Subject: C = cn, ST = hb, L = wh, O = runt, OU = px, CN = www.xu.com, emailAddress = 1@2.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f5:20:31:99:c3:53:fc:50:f7:87:55:2f:3a: 4e:64:21:12:50:42:2a:d4:8c:35:2e:bf:c8:6f:42: c1:e3:89:a3:f8:62:cf:f5:b9:29:8a:12:54:7f:a8: d7:5f:85:84:cc:25:37:89:0a:17:94:0f:2c:38:fb: 69:f8:ae:50:a2:ee:a3:dd:72:1a:fe:a0:a3:7f:2f: f6:11:03:fe:31:46:98:25:fe:ce:01:50:9d:6b:d8: 98:3b:55:0c:66:00:f8:50:d6:f3:78:16:d7:7d:0d: 3c:e0:e7:a0:ad:0b:cf:e1:96:62:cc:9a:b3:b6:3e: ce:f6:5e:4f:e2:05:72:23:b9:14:52:f4:4a:0a:69: 17:e9:2f:8b:32:f6:47:e7:f9:5e:9d:2b:62:3d:65: ca:6b:6c:1f:fc:cb:1c:9a:ca:d3:32:29:c2:9c:5f: 61:83:0f:f6:f3:0e:a8:10:8a:a3:87:4d:67:f9:74: 9c:73:4e:38:2d:93:d3:74:e3:0c:9f:6d:de:6c:67: 3e:41:2e:ec:ec:49:35:e3:eb:c7:c2:ce:19:73:ee: 5e:dd:cc:95:42:56:91:e1:bd:dd:50:42:9c:1a:56: 2c:f4:7a:b0:48:13:7b:74:84:33:15:df:ad:f7:f8: a5:57:88:7c:61:8c:78:75:30:7d:b6:9f:25:1c:ba: 15:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:E8:62:1F:5B:A3:5C:F6:A6:AC:82:79:05:D9:62:6A:F0:89:40:75 X509v3 Authority Key Identifier: keyid:98:E8:62:1F:5B:A3:5C:F6:A6:AC:82:79:05:D9:62:6A:F0:89:40:75 X509v3 Basic Constraints: critical CA:TRUE Signature Algorithm: sha256WithRSAEncryption b2:40:e6:c0:1d:0b:88:7b:b2:1c:ae:23:dd:4b:4e:48:6e:4e: a8:31:df:d6:e7:36:2a:a4:ec:a1:ca:92:b8:0b:4f:2d:eb:29: 6d:eb:d9:8d:41:95:87:93:1f:c8:cd:ff:13:70:fe:c7:f6:c5: 8a:1b:66:41:0a:22:ce:f5:9f:43:9b:5d:a6:e0:fd:ee:68:16: a3:dd:bd:3b:81:a9:26:03:44:6f:58:8a:1c:ba:71:52:08:e2: f8:a2:39:67:75:4f:2e:e8:b4:b7:3c:5c:12:bb:0d:37:75:13: f2:82:06:13:86:05:08:b9:45:4c:05:7a:53:11:d1:b8:d6:2a: e3:1e:a5:0a:85:38:8b:9a:ce:33:c5:94:98:a2:23:b1:87:35: 3a:05:8d:31:e3:33:51:af:e2:5a:c3:28:eb:a5:fb:09:69:bc: 23:71:cd:15:0a:86:a3:f9:2f:88:20:40:81:17:a0:31:7e:31: ea:86:6d:a3:5c:fd:14:9d:a9:67:ee:ee:1a:31:bb:3b:8a:8b: 96:ac:59:f8:5f:59:d7:44:1a:04:79:f7:b6:d1:2d:78:c9:c7: 39:33:bd:19:a2:dc:0c:3b:dc:08:53:23:c1:2d:91:ad:7d:c1: 69:a0:2c:a1:e0:41:f5:59:10:60:e9:d7:5b:58:be:56:a8:b6: 45:b2:92:48 -----BEGIN CERTIFICATE----- MIIDwTCCAqmgAwIBAgIUffnS2aMbW5GkO5i3Vc62F8Dyai4wDQYJKoZIhvcNAQEL BQAwcDELMAkGA1UEBhMCY24xCzAJBgNVBAgMAmhiMQswCQYDVQQHDAJ3aDENMAsG A1UECgwEcnVudDELMAkGA1UECwwCcHgxEzARBgNVBAMMCnd3dy54dS5jb20xFjAU BgkqhkiG9w0BCQEWBzFAMi5jb20wHhcNMjIwNzIxMTUyNTU0WhcNMjMwNzIxMTUy NTU0WjBwMQswCQYDVQQGEwJjbjELMAkGA1UECAwCaGIxCzAJBgNVBAcMAndoMQ0w CwYDVQQKDARydW50MQswCQYDVQQLDAJweDETMBEGA1UEAwwKd3d3Lnh1LmNvbTEW MBQGCSqGSIb3DQEJARYHMUAyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAL31IDGZw1P8UPeHVS86TmQhElBCKtSMNS6/yG9CweOJo/hiz/W5KYoS VH+o11+FhMwlN4kKF5QPLDj7afiuUKLuo91yGv6go38v9hED/jFGmCX+zgFQnWvY mDtVDGYA+FDW83gW130NPODnoK0Lz+GWYsyas7Y+zvZeT+IFciO5FFL0SgppF+kv izL2R+f5Xp0rYj1lymtsH/zLHJrK0zIpwpxfYYMP9vMOqBCKo4dNZ/l0nHNOOC2T 03TjDJ9t3mxnPkEu7OxJNePrx8LOGXPuXt3MlUJWkeG93VBCnBpWLPR6sEgTe3SE MxXfrff4pVeIfGGMeHUwfbafJRy6FXcCAwEAAaNTMFEwHQYDVR0OBBYEFJjoYh9b o1z2pqyCeQXZYmrwiUB1MB8GA1UdIwQYMBaAFJjoYh9bo1z2pqyCeQXZYmrwiUB1 MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBALJA5sAdC4h7shyu I91LTkhuTqgx39bnNiqk7KHKkrgLTy3rKW3r2Y1BlYeTH8jN/xNw/sf2xYobZkEK Is71n0ObXabg/e5oFqPdvTuBqSYDRG9Yihy6cVII4viiOWd1Ty7otLc8XBK7DTd1 E/KCBhOGBQi5RUwFelMR0bjWKuMepQqFOIuazjPFlJiiI7GHNToFjTHjM1Gv4lrD KOul+wlpvCNxzRUKhqP5L4ggQIEXoDF+MeqGbaNc/RSdqWfu7hoxuzuKi5asWfhf WddEGgR597bRLXjJxzkzvRmi3Aw73AhTI8Etka19wWmgLKHgQfVZEGDp11tYvlao tkWykkg= -----END CERTIFICATE----- [root@http CA]# mkdir certs newcerts crl [root@http CA]# touch index.txt && echo 01 > serial [root@http CA]# cd /etc/httpd && mkdir ssl && cd ssl [root@http ssl]# (umask 077;openssl genrsa -out httpd.key 2048) Generating RSA private key, 2048 bit long modulus (2 primes) ........................+++++ ..................................+++++ e is 65537 (0x010001) [root@http ssl]# openssl req -new -key httpd.key -days 365 -out httpd.csr Ignoring -days; not generating a certificate You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:cn string is too long, it needs to be no more than 2 bytes long Country Name (2 letter code) [XX]:cn State or Province Name (full name) []:hb Locality Name (eg, city) [Default City]:wh Organization Name (eg, company) [Default Company Ltd]:runt Organizational Unit Name (eg, section) []:px Common Name (eg, your name or your server's hostname) []:www.xu.com Email Address []:1@2.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: [root@http ssl]# ls httpd.csr httpd.key [root@http ssl]# openssl ca -in httpd.csr -out httpd.crt -days 365 Using configuration from /etc/pki/tls/openssl.cnf Check that the request matches the signature Signature ok Certificate Details: Serial Number: 1 (0x1) Validity Not Before: Jul 21 15:27:42 2022 GMT Not After : Jul 21 15:27:42 2023 GMT Subject: countryName = cn stateOrProvinceName = hb organizationName = runt organizationalUnitName = px commonName = www.xu.com emailAddress = 1@2.com X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: CC:13:E2:F0:80:4F:D5:2F:AF:B2:01:C0:E4:42:D8:A1:17:09:00:0C X509v3 Authority Key Identifier: keyid:98:E8:62:1F:5B:A3:5C:F6:A6:AC:82:79:05:D9:62:6A:F0:89:40:75 Certificate is to be certified until Jul 21 15:27:42 2023 GMT (365 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated [root@http ssl]# ls httpd.crt httpd.csr httpd.key [root@http ssl]# vi /etc/httpd/conf.d/ssl.conf [root@http ssl]# systemctl restart httpd [root@http ssl]# http -t -bash: http: command not found [root@http ssl]# httpd -t Syntax OK [root@http ssl]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 *:80 *:* LISTEN 0 128 *:81 *:* LISTEN 0 128 [::]:22 [::]:* LISTEN 0 128 *:443 *:*