web实验

网站需求：

2.给该公司创建三个网站目录分别显示学生信息，教学资料和缴费网站，基于www.openlab.com/student 网站访问学生信息，www.openlab.com/data网站访问教学资料www.openlab.com/money网站访问缴费网站。

3.要求（1）学生信息网站只有song和tian两人可以访问，其他网站所有用户用能访问。 （2）访问缴费网站实现数据加密基于https访问。

1.基于域名www.openlab.com可以访问网站内容为 welcome to openlab!!!
[root@localhost ~]# setenforce 0	# 关闭selinux
[root@localhost ~]# systemctl stop firewalld	# 关闭防火墙
[root@localhost ~]# yum install http mod_ssl	# 安装http配置mod_ssl
[root@localhost ~]# systemctl start httpd	# 启服务
[root@localhost ~]# systemctl enable httpd	#  开机时启动服务
# 创建存储页面的目录
[root@localhost ~]# mkdir -p /www/data
[root@localhost ~]# mkdir -p /www/student           
[root@localhost ~]# mkdir -p /www/money
[root@localhost ~]# echo "welcome to openlab" > /var/www/html/index.html
[root@localhost ~]# echo "English" > /www/data/index.html
[root@localhost ~]# echo "Song and Tian" > /www/student/index.html
[root@localhost ~]# echo "Please give money" > /www/money/index.html
# 修改本地hosts
[root@localhost ~]# vim /etc/hosts

# 修改配置文件，建立http网站
[root@localhost ~]# vim /etc/httpd/conf/httpd.conf
# 添加
<virtualhost 192.168.17.132>
        documentroot    /www
        servername      192.168.17.132
        <directory  /www>
                allowoverride   none
                require all     granted
        </directory>
</virtualhost>
 
<virtualhost 192.168.17.132>
        documentroot    /www/data
        alias   /data   /www/data
        servername      'data'
        <directory  /www/data>
                allowoverride   none
                require all     granted
        </directory>
</virtualhost>
 
<virtualhost 192.168.17.132>
        documentroot    /www/student
        alias   /student        /www/student
        servername      'student'
        <directory  /www/student>
                allowoverride   none
                authuserfile    "/etc/httpd/passwdop"
                authname        "My privately"
                authtype        "basic"
                require user    song  tian
        </directory>
</virtualhost>
# 创建私钥文件
[root@localhost ~]# openssl genrsa -aes128 2048 > /etc/pki/tls/private/mo.key
Enter PEM pass phrase:	# 密码123456
Verifying - Enter PEM pass phrase:
Verify failure	# 创建数字证书
C0E168720A7F0000:error:1400006B:UI routines:UI_process:processing error:crypto/ui/ui_lib.c:544:while reading strings
C0E168720A7F0000:error:0480006D:PEM routines:PEM_def_callback:problems getting password:crypto/pem/pem_lib.c:62:
C0E168720A7F0000:error:07880109:common libcrypto routines:do_ui_passphrase:interrupted or cancelled:crypto/passphrase.c:175:
C0E168720A7F0000:error:1C80009F:Provider routines:p8info_to_encp8:unable to get passphrase:providers/implementations/encode_decode/encode_key2any.c:116:
创建私钥文件：

[root@node2 ~]# openssl genrsa -aes128 2048 > /etc/pki/tls/private/mo.key
Enter PEM pass phrase:                        # 设置密码为123456
Verifying - Enter PEM pass phrase:
# 指名该证书用到的私钥文件：-key    /etc/pki/tls/private/ftp.key
Enter pass phrase for /etc/pki/tls/private/mo.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shanxi 
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:RHCE
Common Name (eg, your name or your server's hostname) []:money
Email Address []:IHavemoney@more.com

重启服务

[root@localhost ~]# systemctl restart httpd