自定义签名证书

自定义自签名证书

 

yum install mod_ssl

Genkey westos.example.com

 

 100SSLCertificateFile /etc/pki/tls/certs/westos.example.com.crt      ##genkey过程中生成的锁位置

 101

 102#   Server Private Key:

 103#   If the key is not combined with thecertificate, use this

 104#   directive to point at the keyfile.  Keep in mind that if

 105#   you've both a RSA and a DSA privatekey you can configure

 106#   both in parallel (to also allow theuse of DSA ciphers, etc.)

 107SSLCertificateKeyFile /etc/pki/tls/private/westos.example.com.key   ##钥匙位置

 

建立需要加密的地址等

[root@westos conf.d]# mkdir /var/www/login

[root@westos www]# cd login

[root@westos login]# vim westos

[root@westos login]# cd /etc/httpd/conf.d

[root@westos conf.d]# vim login.conf

 <Virtualhost *:443>

       Servername login.westos.com

       Documentroot /var/www/login

       Customlog "logs/login.log" combined

       SSLEngine on

       SSLCertificateFile /etc/pki/tls/certs/westos.example.com.crt

       SSLCertificateKeyFile /etc/pki/tls/private/westos.example.com.key

 </Virtualhost>

 <Directory "/var/www/login">

       Require all granted

 </Directory>

 <Virtualhost *:80>

       Servername login.westos.com

       RewriteEngine on

       RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]

 </Virtualhost>

[root@westos conf.d]# systemctl restart httpd

 

浏览器测试：输入login.westos.com