Apache安装部分:
编译命令:
# ./configure \
"--prefix=/usr/local/apache2" \
"--enable-module=so" \
"--enable-deflate=shared" \
"--enable-expires=shared" \
"--enable-rewrite=shared" \
"--enable-static-support" \
"--enable-static-htpasswd" \
"--enable-static-htdigest" \
"--enable-static-rotatelogs" \
"--enable-static-logresolve" \
"--enable-static-htdbm" \
"--enable-static-ab" \
"--enable-static-checkgid" \
"--enable-ssl" \
"--with-ssl=/usr/local/openssl" \
"--disable-userdir"
打开页面的时候会有mod_ssl的提示。
如果重新编译出错
configure: error: Cannot use an external APR with the bundled APR-utilq错误。
解决办法:安装apr以及apr-util。 #cd /usr/local/httpd-2-2-4/srclib/apr
#./configure --prefix=/usr/local/apr
#make
#make install
安装APR-util
cd srclib/apr-util
#./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
#make
#make install
编译Apache使用:
./configure --prefix=/usr/local/apache2 --enable-module=so --enable-deflate=shared --enable-expires=shared --enable-rewrite=shared --enable-static-support --enable-static-htpasswd --enable-static-htdigest --enable-static-rotatelogs --enable-static-logresolve --enable-static-htdbm --enable-static-ab --enable-static-checkgid --enable-ssl --disable-userdir --with-ssl=/usr/local/openssl --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/bin
SSL部分:
实际上在Aache的Menu部分是有这些详细介绍的,参见:
http://bbs.nau.edu.cn/ApacheMenu/ssl/ssl_faq.html
How do I create a real SSL Certificate?
Here is a step-by-step description:
Make sure OpenSSL is installed and in your PATH.
Create a RSA private key for your Apache server (will be Triple-DES encrypted and PEM formatted):
$ openssl genrsa -des3 -out server.key 1024
Please backup this server.key file and the pass-phrase you entered in a secure location. You can see the details of this RSA private key by using the command:
$ openssl rsa -noout -text -in server.key
If necessary, you can also create a decrypted PEM version (not recommended) of this RSA private key with:
$ openssl rsa -in server.key -out server.key.unsecure
Create a Certificate Signing Request (CSR) with the server RSA private key (output will be PEM formatted):
$ openssl req -new -key server.key -out server.csr
Make sure you enter the FQDN ("Fully Qualified Domain Name") of the server when OpenSSL prompts you for the "CommonName", i.e. when you generate a CSR for a website which will be later accessed via https://www.foo.dom/, enter "www.foo.dom" here. You can see the details of this CSR by using
$ openssl req -noout -text -in server.csr
Aache的Vhost配置部分
<VirtualHost 192.168.1.254:443>
ServerName ssl.testmysite.com
DocumentRoot "/web/ssl"
CustomLog logs/ssl-access_log common
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
<Directory "/web/ssl">
SSLOptions +StdEnvVars
</Directory>
<Directory "/web/ssl">
Options FollowSymLinks MultiViews Includes
AllowOverride None
Allow from all
</Directory>
</VirtualHost>
编译命令:
# ./configure \
"--prefix=/usr/local/apache2" \
"--enable-module=so" \
"--enable-deflate=shared" \
"--enable-expires=shared" \
"--enable-rewrite=shared" \
"--enable-static-support" \
"--enable-static-htpasswd" \
"--enable-static-htdigest" \
"--enable-static-rotatelogs" \
"--enable-static-logresolve" \
"--enable-static-htdbm" \
"--enable-static-ab" \
"--enable-static-checkgid" \
"--enable-ssl" \
"--with-ssl=/usr/local/openssl" \
"--disable-userdir"
打开页面的时候会有mod_ssl的提示。
如果重新编译出错
configure: error: Cannot use an external APR with the bundled APR-utilq错误。
解决办法:安装apr以及apr-util。 #cd /usr/local/httpd-2-2-4/srclib/apr
#./configure --prefix=/usr/local/apr
#make
#make install
安装APR-util
cd srclib/apr-util
#./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
#make
#make install
编译Apache使用:
./configure --prefix=/usr/local/apache2 --enable-module=so --enable-deflate=shared --enable-expires=shared --enable-rewrite=shared --enable-static-support --enable-static-htpasswd --enable-static-htdigest --enable-static-rotatelogs --enable-static-logresolve --enable-static-htdbm --enable-static-ab --enable-static-checkgid --enable-ssl --disable-userdir --with-ssl=/usr/local/openssl --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/bin
SSL部分:
实际上在Aache的Menu部分是有这些详细介绍的,参见:
http://bbs.nau.edu.cn/ApacheMenu/ssl/ssl_faq.html
How do I create a real SSL Certificate?
Here is a step-by-step description:
Make sure OpenSSL is installed and in your PATH.
Create a RSA private key for your Apache server (will be Triple-DES encrypted and PEM formatted):
$ openssl genrsa -des3 -out server.key 1024
Please backup this server.key file and the pass-phrase you entered in a secure location. You can see the details of this RSA private key by using the command:
$ openssl rsa -noout -text -in server.key
If necessary, you can also create a decrypted PEM version (not recommended) of this RSA private key with:
$ openssl rsa -in server.key -out server.key.unsecure
Create a Certificate Signing Request (CSR) with the server RSA private key (output will be PEM formatted):
$ openssl req -new -key server.key -out server.csr
Make sure you enter the FQDN ("Fully Qualified Domain Name") of the server when OpenSSL prompts you for the "CommonName", i.e. when you generate a CSR for a website which will be later accessed via https://www.foo.dom/, enter "www.foo.dom" here. You can see the details of this CSR by using
$ openssl req -noout -text -in server.csr
Aache的Vhost配置部分
<VirtualHost 192.168.1.254:443>
ServerName ssl.testmysite.com
DocumentRoot "/web/ssl"
CustomLog logs/ssl-access_log common
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/ssl.crt/server.crt
SSLCertificateKeyFile conf/ssl.key/server.key
<Directory "/web/ssl">
SSLOptions +StdEnvVars
</Directory>
<Directory "/web/ssl">
Options FollowSymLinks MultiViews Includes
AllowOverride None
Allow from all
</Directory>
</VirtualHost>
扫一扫
4441
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
