Http和Https配置

最新推荐文章于 2023-05-26 15:27:34 发布
最新推荐文章于 2023-05-26 15:27:34 发布
阅读量872 收藏
点赞数
文章标签: http https linux
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/mw5258/article/details/125919957
版权

HTTP和HTTPS配置

HTTP配置

虚拟主机

虚拟主机有三类

  • 相同IP不同端口
  • 不同IP相同端口
  • 相同IP相同端口不同域名

相同IP不同端口

[root@100 ~]# vim /etc/httpd/conf/httpd.conf
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
ServerName www.example.com:80			将前面的#去掉

[root@100 ~]# find / -name *vhosts.conf
/usr/share/doc/httpd/httpd-vhosts.conf
[root@100 ~]# cp /usr/share/doc/httpd/httpd-vhosts.conf /etc/httpd/conf.d/
[root@100 ~]# cd /etc/httpd/conf.d/
[root@100 conf.d]# ls
autoindex.conf  httpd-vhosts.conf  manual.conf  README  userdir.conf  welcome.conf
[root@100 conf.d]# vim httpd-vhosts.conf
<VirtualHost *:80>
    DocumentRoot "/var/www/html/tank"
    ServerName www.tank100.com
    ErrorLog "/var/log/httpd/www.tank100.com-error_log"
    CustomLog "/var/log/httpd/www.tank100.com-access_log" common
</VirtualHost>

Listen 81
<VirtualHost *:81>
    DocumentRoot "/var/www/html/poker"
    ServerName www.poker233.com
    ErrorLog "/var/log/httpd/www.poker100.com-error_log"
    CustomLog "/var/log/httpd/www.poker100.com-access_log" common
</VirtualHost>

[root@100 conf.d]# httpd -t
Syntax OK
[root@100 conf.d]# systemctl restart httpd

在这里插入图片描述
在这里插入图片描述

不同IP相同端口

[root@100 conf.d]# vim httpd-vhosts.conf
<VirtualHost 192.168.159.100:80>
    DocumentRoot "/var/www/html/tank"
    ServerName www.tank100.com
    ErrorLog "/var/log/httpd/www.tank100.com-error_log"
    CustomLog "/var/log/httpd/www.tank100.com-access_log" common
</VirtualHost>

<VirtualHost 192.168.159.101:80>
    DocumentRoot "/var/www/html/poker"
    ServerName www.poker233.com
    ErrorLog "/var/log/httpd/www.poker100.com-error_log"
    CustomLog "/var/log/httpd/www.poker100.com-access_log" common
</VirtualHost>

[root@100 conf.d]# httpd -t
Syntax OK
[root@100 conf.d]# systemctl restart httpd
[root@100 conf.d]# ip addr add 192.168.159.101/24 dev ens33
[root@100 conf.d]# ip a |grep ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    inet 192.168.159.100/24 brd 192.168.159.255 scope global noprefixroute ens33
    inet 192.168.159.101/24 scope global secondary ens33

在这里插入图片描述
在这里插入图片描述

相同IP相同端口不同域名

[root@100 conf.d]# vim httpd-vhosts.conf
<VirtualHost *:80>
    DocumentRoot "/var/www/html/tank"
    ServerName www.tank100.com
    ErrorLog "/var/log/httpd/www.tank100.com-error_log"
    CustomLog "/var/log/httpd/www.tank100.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/var/www/html/poker"
    ServerName www.poker233.com
    ErrorLog "/var/log/httpd/www.poker100.com-error_log"
    CustomLog "/var/log/httpd/www.poker100.com-access_log" common
</VirtualHost>

[root@100 conf.d]# httpd -t
Syntax OK
[root@100 conf.d]# systemctl restart httpd

Linux修改hosts文件

[root@100 ~]# vim /etc/hosts
192.168.159.100 www.tank100.com www.poker233.com

[root@100 ~]# curl www.tank100.com
<!DOCTYPE html>
<html lang="zh" class="no-js demo-1">
        <head>
                <meta charset="UTF-8" />
                <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
                <meta name="viewport" content="width=device-width, initial-scale=1.0">
                <script src="js/jquery.min.js"></script>
                <script src="js/Helper.js"></script>
                <script src="js/keyboard.js"></script>
                <script src="js/const.js"></script>
                <script src="js/level.js"></script>
                <script src="js/crackAnimation.js"></script>
                <script src="js/prop.js"></script>
                <script src="js/bullet.js"></script>
                <script src="js/tank.js"></script>
                <script src="js/num.js"></script>
                <script src="js/menu.js"></script>
                <script src="js/map.js"></script>
                <script src="js/Collision.js"></script>
                <script src="js/stage.js"></script>
                <script src="js/main.js"></script>
                <link rel="stylesheet" type="text/css" href="css/default.css" />
                <style type="text/css">
                        #canvasDiv canvas{
                                position:absolute;
                        }
                </style>
        </head>
        <body>
                <div class="container">
                        <head><h3>操作说明:玩家1:wasd上左下右,space射击;玩家2:方向键,enter射击。n下一关,p上一关。</h3></head>
                        <div class="main clearfix">
                                <div id="canvasDiv" >
                                        <canvas id="wallCanvas" ></canvas>
                                        <canvas id="tankCanvas" ></canvas>
                                        <canvas id="grassCanvas" ></canvas>
                                        <canvas id="overCanvas" ></canvas>
                                        <canvas id="stageCanvas" ></canvas>
                                </div>
                        </div>

                </div><!-- /container -->
                <div style="text-align:center;">
<p>来源:<a href="http://www.mycodes.net/" target="_blank">源码之家</a></p>
</div>

        </body>
</html>

Windows修改hosts文件

将C:\Windows\System32\drivers\etc\hosts拖到桌面用记事本打开进行修改
在最后一行添加
192.168.159.100 www.tank100.com www.poker233.com
保存后再将hosts文件拖回C:\Windows\System32\drivers\etc\下

在这里插入图片描述
在这里插入图片描述

HTTPS配置

查询有没有ssl模块和其配置文件

[root@100 ~]# httpd -M |grep ssl
[root@100 ~]#

安装ssl模块

[root@100 ~]# dnf -y install mod_ssl
[root@100 ~]# ls /etc/httpd/conf.modules.d |grep ssl
00-ssl.conf
[root@100 ~]# cd /etc/httpd/conf.modules.d/
[root@100 conf.modules.d]# cat 00-ssl.conf
LoadModule ssl_module modules/mod_ssl.so
[root@100 conf.modules.d]# httpd -M |grep ssl
AH00526: Syntax error on line 85 of /etc/httpd/conf.d/ssl.conf:
SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty

生成私有证书

[root@100 ~]# mkdir -p /etc/pki/CA/private
[root@100 ~]# cd /etc/pki/CA/
[root@100 CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
.........................................................+++++
...................+++++
e is 65537 (0x010001)

[root@100 CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:www.tank100.com
Email Address []:11@22.com

[root@100 CA]# ls
cacert.pem  certs  crl  newcerts  private
[root@100 CA]# touch index.txt && echo 01 > serial

[root@100 CA]# cd /etc/httpd && mkdir ssl && cd ssl
[root@100 ssl]# (umask 077;openssl genrsa -out httpd.key 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
....+++++
.....................+++++
e is 65537 (0x010001)
[root@100 ssl]# openssl req -new -key httpd.key -days 365 -out httpd.csr
Ignoring -days; not generating a certificate
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:www.tank100.com
Email Address []:11@22.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

[root@100 ssl]# openssl ca -in /etc/httpd/ssl/httpd.csr -out httpd.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Jul 21 11:49:54 2022 GMT
            Not After : Jul 21 11:49:54 2023 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = HB
            organizationName          = Default Company Ltd
            commonName                = www.tank100.com
            emailAddress              = 11@22.com
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            Netscape Comment:
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier:
                A5:DA:2D:F7:18:12:93:BF:57:CF:9D:32:F7:70:8E:F4:60:DD:0A:A0
            X509v3 Authority Key Identifier:
                keyid:E1:1B:8D:28:DD:A3:AF:49:53:6D:1D:6F:CA:25:FC:E4:D9:78:41:4E

Certificate is to be certified until Jul 21 11:49:54 2023 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

[root@100 ~]# vim /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/httpd/ssl/httpd.crt

#   Server Private Key:
#   If the key is not combined with the certificate, use this
#   directive to point at the key file.  Keep in mind that if
#   you've both a RSA and a DSA private key you can configure
#   both in parallel (to also allow the use of DSA ciphers, etc.)
#   ECC keys, when in use, can also be configured in parallel
SSLCertificateKeyFile /etc/httpd/ssl/httpd.key

[root@100 ~]# httpd -t
Syntax OK
[root@100 ~]# systemctl restart httpd

在这里插入图片描述

时羽天
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
tomcat同时使用httphttps访问的配置方法
09-30
主要介绍了tomcat同时使用httphttps访问的配置方法,小编觉得挺不错的,现在分享给大家,也给大家做个参考。一起跟随小编过来看看吧
nginx http重定向https配置说明
09-30
主要介绍了nginx http重定向https配置说明的相关资料,需要的朋友可以参考下
linux下浏览器提示不安全证书,关于如何取消访问https时的提示:“此网站的安全证书存在问题”的解决方法...
weixin_30869777的博客
05-14 1926
大家是不是也经常遇到访问https网站时,提示:“此网站的安全证书存在问题”,然后让你选择是关闭该网页,还是继续浏览网站,如下图:根据提示,我们也可以得知是证书的问题导致的,由于平时如果无特殊要求,我们可能会忽略这个问题,点击:继续浏览此网站,但有时需要我们取消提示,以便为用户提供更为友好的访问界面。由于我们平时练习时使用的证书都是自己通过命令或其他方式生成的,是自签发的证书,这种证书是不可信的,...
启动httpd服务:SSLCertificateFile: file ‘/var/www/miq/vmdb/certs/server.cer‘ does not exist or is empty
weixin_44048054的博客
04-18 960
启动httpd服务:SSLCertificateFile: file ‘/var/www/miq/vmdb/certs/server.cer’ does not exist or is empty 启动httpd服务,失败: 复制代码 [root@test vmdb]# service httpd restart Stopping httpd: [FAILED] Starting httpd: Syntax error o
Linux apache下导入SSL证书
chengxuyuanyonghu的专栏
03-13 4216
自制ssl凭证 大体流程: 先建立一把 private key 预备提供给 SSL 凭证签名要求所用; 2. 最后建立 SSL 凭证 (test certificates)。 建立凭证文件 [root@bird certs]# cd /etc/pki/tls/certs/ [root@bird certs]
Apache启动失败
iteen的博客
08-22 825
再次启动会发现包另外的错误: '/etc/pki/tls/private/localhost.key' does not exist or is empty。apache启动的时候报错/etc/pki/tls/certs/localhost.crt' does not exist or is empty。这时可以尝试创建一个假证书。
Apache2.4版本增加ssl模块记录
蛮荒仙侠
03-14 804
文章索引:SSLCertificateFile: file '/etc/httpd/server.crt' does not exist or is empty 步骤1:修改配置文件 $ vi /usr/local/apache/conf/httpd.conf #去掉这里注释 LoadModule socache_shmcb_module modules/mod_socache_shmcb.so <IfModule ssl_module> SSLRandomSeed startup b..
apache-2.4.4安装与配置
weixin_33817333的博客
07-21 838
需下载的源程序:httpd-2.4.4.tar.gzhttp://www.apache.org/dyn/closer.cgiapr-1.4.8.tar.gz apr-util-1.5.2.tar.gzhttp://apr.apache.org/download.cgipcre-8.33.tar.gzhttp://sourceforge.net/projects/pcre/fi...
Apache:SSLCertificateFile:文件不存在或为空(操作系统RHEL7)
11-04 1294
配置参数及报错信息(配置了TLS加密后httpd服务无法启动) 我在httpd.conf文件中引用了上面创建的文件。但在那之后,当我尝试RESTART Apache时,我遇到以下错误: 错误:SSLCertificateFile:文件'/var/www/html/www0.key'不存在或为空 路径是正确的。 文件也存在。 文件中甚至有数据,因此它不是空的。 解决...
Windows http https的搭建
h1825819493的博客
05-26 2288
①勾选IIS②一直点击下一步,安装即可③安装完成后可以看到左侧多了一个IIS管理器,右侧点击工具中的IIS进行配置(不同版本服务器的iis就是上下的位置不一样,都在工具中)④打开iis管理器,看到我们存在一个初始化的站点,打开浏览器直接访问IP地址可以访问到他⑤创建一个新的站点,然后启动网站⑥重启网站发现报错,是因为网站根目录下不存在文件添加完文件再次重启网页还是一样报错⑦开启目录浏览功能,搭建完成。
Nginx同时支持HttpHttps配置详解
09-29
主要介绍了Nginx同时支持HttpHttps配置详解,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧
配置httphttps
馆主的博客
07-22 2304
配置httphttps
HTTP环境下添加HTTPS的实际解决方案
xiaogangpi的专栏
01-22 6163
背景:项目如果遇到外网公开访问,或者是外围系统对接使用的是HTTPS,亦或者增加兼容http,都需要添加HTTPS渠道。 HTTPS 简介 Http超⽂本传输协议,明⽂传输 ,传输不安全,https在传输数据的时候会对数据进⾏加密;ssl协议、TLS(transport layer security)协 HTTPSHTTP的主要区别 HTTPS协议使⽤时需要到电⼦商务认证授权机构(CA)申请SSL证书 HTTP默认使⽤8080端⼝,HTTPS默认使⽤8443端⼝ HTTPS则是具有SSL加密的安
linux7 ssl,[Centos7] HTTPS/SSL憑證的SELINUX設置
weixin_36448964的博客
05-18 140
自動目錄要讓網頁支援SSL,先決條件,你得申請或購買SSL的憑證,取回的憑證會有以下檔案。放置憑證檔/etc/pki/tls/certs/root.cer, server.cer, server-chain.cer(不一定有中繼憑證)/etc/pki/tls/private/privatekey.key編輯 ssl.conf# vi /etc/httpd/conf.d/ssl.confSSLCe...
CentOS,Apache 配置SSL
w87848608的专栏
09-04 602
CentOS 5启用SSL 先按装mod_ssl yum install mod_ssl 完毕后在 /etc/httpd/conf.d/下会有一个ssl.conf的文件,打开 主要是看下证书及密钥的位置 SSLCertificateFile /etc/pki/tls/certs/localhost.crt SSLCertificateKeyFile /etc/pki/tls/priv
宝塔部署sll证书报错CertificateFile: file ‘/etc/letsencrypt/live/域名/fullchain.pem‘ does not exist or is empty
G佳伟
07-12 749
根据上图提示报错找到对应的站点并关闭ssl证书,关闭后重新提交“部署成功” 宝塔报错SSLCertificateFile: file '/etc/letsencrypt/live/fullchain.pem' does not exist or is empty
Apache(httpd)配置ssl证书实现HTTPS
热门推荐
叶落自飘零的博客
07-09 2万+
本篇文章主要讲述如何给Apache配置ssl证书以实现https协议;
linux启动apache提示xe,apache启动失败:Job for httpd.service failed because the control process exited with er...
weixin_29092787的博客
05-14 3269
今天小编在https网站改造时使用“systemctl httpd restart”命令Apache启动失败,输出了如下的错误信息:Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl ...
YDOOK : CentOS7 + httpd SSL 证书部署完全详细教程
YDOOK
08-12 8614
在进行了简单的httpd设置后,就可以为网站添加SSL证书功能了。 首先得获取证书,有了证书才能添加。我们采用本地上传的方式将SSL证书上传到CentOS上。 首先,判断CentOS7是否已经安装了SSL证书服务模块 mod_ssl 与 openssl: rpm -qa mod_ssl 键入上式,没有反应就是没有安装SSL证书服务模块 mod_ssl。一般新装的CentOS7默认没有安...
nginx配置httphttps
最新发布
09-06
配置Nginx同时支持HTTPHTTPS,您需要进行如下步骤: 1. 安装Nginx: 在Ubuntu中,可以使用以下命令安装Nginx: ``` sudo apt-get update sudo apt-get install nginx ``` 2. 配置HTTP: 默认情况下,...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值