1.源码安装apache
下载apr-1.5.2.tar.gz、 apr-util-1.5.4.tar.gz、 httpd-2.4.17.tar.gz、 pcre-8.37.tar.gz
将以上源码包上传服务器随意路径
解压:
tar zxvf apr-1.5.2.tar.gz
tar zxvf apr-util-1.5.4.tar.gz
tar zxvf httpd-2.4.17.tar.gz
tar zxvf pcre-8.37.tar.gz
安装:(编译器安前安装gcc-c++:yum -y install gcc-c++)
cd pcre-8.37
./configure ;make ;make install
cd apr-1.5.2
./configure ;make ;make install
cd apr-util-1.5.4
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
make
make install
cd httpd-2.4.17
./configure --prefix=/usr/local/apache --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-shared=max --enable-module=rewirte --enable-module=so --enable-mods-shared=all
make
make install
2.配置双向认证
将所需全部证书上传到/usr/local/apache/ssl
cd /usr/local/apache/conf
vim httpd.conf
取消 LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
前面的注释(删除#)
:wq
cd /usr/local/apache/conf/extra
vim httpd-ssl.conf
将SSLSessionCache "shmcb:/usr/local/apache/logs/ssl_scache(512000)" 注释
SSLCertificateFile "/usr/local/apache/ssl/mykey.crt" 配置服务端crt证书
SSLCertificateKeyFile "/usr/local/apache/ssl/mykey.key" 配置服务端key
SSLCertificateChainFile "/usr/local/apache/ssl/serverca.crt" 配置服务点证书链
SSLCACertificatePath "/usr/local/apache/ssl/" 客户端证书路径
SSLCACertificateFile "/usr/local/apache/ssl/ca.crt" 配置客户端证书
取消SSLVerifyClient require
SSLVerifyDepth 10
此两行前的注释。
:wq
3.配置反向代理
cd /usr/local/apache/conf
vim httpd.conf
取消 LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
前的注释
cd /usr/local/apache/conf/extra
vim httpd-ssl.conf
在结尾</VirtualHost>前添加如下内容(例如将本机https://127.0.0.1/ 代理腾讯主页)
ProxyPass / http://www.qq.com/
ProxyPassReverse / http://www.qq.com/
ProxyPassReverseCookieDomain www.qq.com 127.0.0.1
:wq
下载apr-1.5.2.tar.gz、 apr-util-1.5.4.tar.gz、 httpd-2.4.17.tar.gz、 pcre-8.37.tar.gz
将以上源码包上传服务器随意路径
解压:
tar zxvf apr-1.5.2.tar.gz
tar zxvf apr-util-1.5.4.tar.gz
tar zxvf httpd-2.4.17.tar.gz
tar zxvf pcre-8.37.tar.gz
安装:(编译器安前安装gcc-c++:yum -y install gcc-c++)
cd pcre-8.37
./configure ;make ;make install
cd apr-1.5.2
./configure ;make ;make install
cd apr-util-1.5.4
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
make
make install
cd httpd-2.4.17
./configure --prefix=/usr/local/apache --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-shared=max --enable-module=rewirte --enable-module=so --enable-mods-shared=all
make
make install
2.配置双向认证
将所需全部证书上传到/usr/local/apache/ssl
cd /usr/local/apache/conf
vim httpd.conf
取消 LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
前面的注释(删除#)
:wq
cd /usr/local/apache/conf/extra
vim httpd-ssl.conf
将SSLSessionCache "shmcb:/usr/local/apache/logs/ssl_scache(512000)" 注释
SSLCertificateFile "/usr/local/apache/ssl/mykey.crt" 配置服务端crt证书
SSLCertificateKeyFile "/usr/local/apache/ssl/mykey.key" 配置服务端key
SSLCertificateChainFile "/usr/local/apache/ssl/serverca.crt" 配置服务点证书链
SSLCACertificatePath "/usr/local/apache/ssl/" 客户端证书路径
SSLCACertificateFile "/usr/local/apache/ssl/ca.crt" 配置客户端证书
取消SSLVerifyClient require
SSLVerifyDepth 10
此两行前的注释。
:wq
3.配置反向代理
cd /usr/local/apache/conf
vim httpd.conf
取消 LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
前的注释
cd /usr/local/apache/conf/extra
vim httpd-ssl.conf
在结尾</VirtualHost>前添加如下内容(例如将本机https://127.0.0.1/ 代理腾讯主页)
ProxyPass / http://www.qq.com/
ProxyPassReverse / http://www.qq.com/
ProxyPassReverseCookieDomain www.qq.com 127.0.0.1
:wq