一、卸载linux自带的httpd服务
先后执行以下命令
[root@localhost etc]# rpm -qa|grep httpd
[root@localhost etc]# rpm -e gnome-user-share
[root@localhost etc]# rpm -e httpd
二、安装apache httpd服务
1.上传源码包
将需要安装的服务源码包上传到服务器,并解压到目录usr/local/httpd下
2.进入文件夹expat-2.0.1安装expat
#./configure
#make
#make install
3.进入文件夹apr-1.7.0安装apr
#./configure --prefix=/usr/local/httpd/apr
#make
#make install
4.进入文件夹apr-util-1.6.1安装apr-util
#./configure --prefix=/usr/local/httpd/apr-util --with-apr=/usr/local/httpd/apr
#make
#make install
5.进入文件夹pcre-8.42安装pcre
#./configure --prefix=/usr/local/httpd/pcre
#make
#make install
6.安装配置openssl
1) 执行一下三条命令安装openssl
#./config shared --prefix=/usr/local/httpd/openssl
#make
#make install
2)执行命令vim /etc/ld.so.conf在文件ld.so.conf最后添加:/usr/local/httpd/openssl/lib,保存之后执行命令 ldconfig -v
3)在etc/的profile的最后一行,添加:
export OPENSSL=/usr/local/openssl/bin
export PATH=$OPENSSL:$PATH:$HOME/bin
4)退出命令行重新登录,并进去openssl安装目录,执行命令 ldd ./bin/openssl 会出现类似如下信息:
linux-vdso.so.1 => (0x00007fff3bc73000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007fc5385d7000)
libc.so.6 => /lib64/libc.so.6 (0x00007fc538279000)
/lib64/ld-linux-x86-64.so.2 (0x00007fc5387db000)
5)查看路径 which openssl
6)查看版本 openssl version
7.进入文件夹httpd-2.4.43安装httpd
#./configure --prefix=/usr/local/httpd/httpd --with-apr=/usr/local/httpd/apr --with-apr-util=/usr/local/httpd/apr-util --with-pcre=/usr/local/httpd/pcre --enable-so --enable-mods-shared=most --enable-ssl --with-ssl=/usr/local/httpd/openssl
#make
#make install
配置环境变量
1)执行 vim /etc/profile 命令在最后添加下面两行
export HTTPD=/usr/local/httpd/httpd/bin
export PATH=
H
T
T
P
D
:
HTTPD:
HTTPD:PATH:$HOME/bin
2)执行source /etc/profile 命令使环境变量生效
8.配置https地址的反向代理
上传ssl证书到httpd安装目录的conf文件夹下,进入httpd安装目录
执行vim conf/httpd.conf 命令编辑配置文件
1)取消下面的#号
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule ssl_module modules/mod_ssl.so
#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#LoadModule status_module modules/mod_status.so
#LoadModule substitute_module modules/mod_substitute.so
#Include conf/extra/httpd-ssl.conf
2)修改ServerName 为本机localhost
3)保存
执行 vim conf/extra/httpd-ssl.conf 命令编辑配置文件,删除 VirtualHost配置,添加如下配置,并保存
<VirtualHost *:443>
ServerAdmin localhost
ServerName localhost
SSLEngine on
SSLProxyEngine On
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
SSLProxyVerify none
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
SSLCertificateFile “/usr/local/httpd/httpd/conf/ssl.crt”
SSLCertificateKeyFile “/usr/local/httpd/httpd/conf/ssl.key”
SSLCertificateChainFile “/usr/local/httpd/httpd/conf/ssl.crt”
ProxyPreserveHost On
ProxyRequests Off
ProxyPass “/” “https://www.baidu.com/”
ProxyPassReverse “/” “https://www.baidu.com/”
9.执行service httpd start命令启动httpd服务
如果遇见 403 错误代码 ,则在httpd-ssl.conf找到ProxyPreserveHost On行,注释掉就可以了
10.生成ssl证书
https://csr.chinassl.net/generator-csr.html
附件下载
https://download.csdn.net/download/qq_22316973/12500136