RHCE—第二次作业

1、搭建一个通过网址https://www.openlab.com/money访问的缴费网站，网站内容为money

        一：关闭selinux和防火墙；创建网页目录，并写入内容；并在linux下的hosts文件内写入域名与本机ip地址的映射

[root@server ~]# setenforce 0
setenforce: SELinux is disabled
[root@server ~]# systemctl stop firewalld
[root@server ~]# yum install httpd -y 
 
[root@server ~]# mkdir -p /www/openlab
[root@server ~]# ehco 'welcom to openlab' > /www/openlab/index.html
 
 
[root@server ~]# vim /etc/hosts

[root@server student]# mkdir /www/openlab/money
[root@server student]# echo 'money' > /www/openlab/money/index.html
[root@server student]# chmod 755 -R /www/openlab/money
[root@server student]# yum install mod_ssl -y
 
 
[root@server student]# openssl genrsa -aes128 2048 > /etc/pki/tls/private/openlab.key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[root@server student]# openssl req -utf8 -new -key /etc/pki/tls/private/openlab.key -x509 -days 365 -out /etc/pki/tls/certs/openlab.crt
Enter pass phrase for /etc/pki/tls/private/openlab.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:RHCE
Common Name (eg, your name or your server's hostname) []:localhost
Email Address []:2551403079@qq.com

[root@server student]# vim /etc/httpd/conf/httpd.conf 
<VirtualHost 192.168.163.142:443>
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/openlab.crt
        SSLCertificatekeyFile /etc/pki/tls/private/openlab.key
        ServerName 192.168.163.142
        DocumentRoot /www/openlab
        alias /money /www/openlab/money
</VirtualHost>
<Directory /www/openlab/money>
        AllowOverride none
        require all granted
</Directory>
[root@server student]# systemctl restart httpd
🔐 Enter TLS private key passphrase for 192.168.163.142:443 (RSA) : ********     

2、配置DNS的正向解析

       第一步：关闭安全软件并安装

[root@ssh-server ~]# setenforce 0
[root@ssh-server ~]# systemctl stop firewalld
[root@ssh-server ~]# yum  install bind -y

       第二步：在服务器端进行配置DNS主配置文件

[root@ssh-server ~]#vim  /etc/named.conf 

           修改前：

   

        修改后：

       第三步：在服务端进行编辑区域配置文件

[root@ssh-server ~]#vi /etc/name.rfc1912.zones

     修改前

        

修改后

    第四步：在服务端编辑数据配置文件

[root@ssh-server ~]# cd  /var/named
[root@ssh-server ~]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
[root@ssh-server ~]# cp  -a  named.localhost openlab.com.zone # 复制模板进行编辑
[root@ssh-server ~]# vim  openlab.com.zone 

    修改前

    修改后

    第五步重启服务

[root@ssh-server ~]# systemctl start named

    第六步：更改客户端dns服务IP并测试

[root@ssh-server ~]# vim  /etc/NetworkManager/system-connections/ens160.nmconnection      # 打开并编辑网卡配置文件
[root@ssh-server ~]# nmcli  connection  reload   # 重载配置文件
[root@ssh-server ~]# nmcli  connection  up ens160  # 激活

[root@ssh-server ~]# nslookup 
> www.openlab.com
Server:		192.168.163.2
Address:	192.168.163.2#53

Name:	www.openlab.com
Address: 192.168.163.2
> ftp.openlab.com
Server:		192.168.163.2
Address:	192.168.163.2#53

Name:	ftp.openlab.com
Address: 192.168.163.2
> www1.openlab.com
Server:		192.168.163.2
Address:	192.168.163.2#53

www1.openlab.com	canonical name = www.openlab.com.
Name:	www.openlab.com
Address: 192.168.163.2