1 配置apache2
./configure --prefix=/opt/apache2 --enable-so --enable-mods-shared=all --enable-ssl --with-ssl=/mnt/software/openssl
LoadModule ssl_module modules/mod_ssl.so
2 生成 密钥:
用一下两条命令:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -x509 -out my-server.crt -config openssl.cnf -days 3650
然后,将生成的server.key server .crt放到apache_path/conf/下面。
3 配置ssl虚拟机:
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/opt/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex "file:/opt/apache2/logs/ssl_mutex"
<VirtualHost _default_:443>
DocumentRoot "/www"
ServerName www.alexma.com:443
ServerAdmin you@example.com
ErrorLog "/www/logs/error_log"
TransferLog "/www/logs/access_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/opt/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/apache2/conf/server.key"
<FilesMatch "/.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" /
nokeepalive ssl-unclean-shutdown /
downgrade-1.0 force-response-1.0
CustomLog "/opt/apache2/logs/ssl_request_log" /
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x /"%r/" %b"
</VirtualHost>
测试 : 输入:https://www.alexma.com/index.html,查看,是否成功。
./configure --prefix=/opt/apache2 --enable-so --enable-mods-shared=all --enable-ssl --with-ssl=/mnt/software/openssl
LoadModule ssl_module modules/mod_ssl.so
2 生成 密钥:
用一下两条命令:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -x509 -out my-server.crt -config openssl.cnf -days 3650
然后,将生成的server.key server .crt放到apache_path/conf/下面。
3 配置ssl虚拟机:
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/opt/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex "file:/opt/apache2/logs/ssl_mutex"
<VirtualHost _default_:443>
DocumentRoot "/www"
ServerName www.alexma.com:443
ServerAdmin you@example.com
ErrorLog "/www/logs/error_log"
TransferLog "/www/logs/access_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/opt/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/apache2/conf/server.key"
<FilesMatch "/.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" /
nokeepalive ssl-unclean-shutdown /
downgrade-1.0 force-response-1.0
CustomLog "/opt/apache2/logs/ssl_request_log" /
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x /"%r/" %b"
</VirtualHost>
测试 : 输入:https://www.alexma.com/index.html,查看,是否成功。