1、搭建一个通过网址https://www.openlab.com/money访问的缴费网站,网站内容为money
一:关闭selinux和防火墙;创建网页目录,并写入内容;并在linux下的hosts文件内写入域名与本机ip地址的映射
[root@server ~]# setenforce 0
setenforce: SELinux is disabled
[root@server ~]# systemctl stop firewalld
[root@server ~]# yum install httpd -y
[root@server ~]# mkdir -p /www/openlab
[root@server ~]# ehco 'welcom to openlab' > /www/openlab/index.html
[root@server ~]# vim /etc/hosts
[root@server student]# mkdir /www/openlab/money
[root@server student]# echo 'money' > /www/openlab/money/index.html
[root@server student]# chmod 755 -R /www/openlab/money
[root@server student]# yum install mod_ssl -y
[root@server student]# openssl genrsa -aes128 2048 > /etc/pki/tls/private/openlab.key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[root@server student]# openssl req -utf8 -new -key /etc/pki/tls/private/openlab.key -x509 -days 365 -out /etc/pki/tls/certs/openlab.crt
Enter pass phrase for /etc/pki/tls/private/openlab.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:RHCE
Common Name (eg, your name or your server's hostname) []:localhost
Email Address []:2551403079@qq.com
[root@server student]# vim /etc/httpd/conf/httpd.conf
<VirtualHost 192.168.163.142:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/openlab.crt
SSLCertificatekeyFile /etc/pki/tls/private/openlab.key
ServerName 192.168.163.142
DocumentRoot /www/openlab
alias /money /www/openlab/money
</VirtualHost>
<Directory /www/openlab/money>
AllowOverride none
require all granted
</Directory>
[root@server student]# systemctl restart httpd
🔐 Enter TLS private key passphrase for 192.168.163.142:443 (RSA) : ********
2、配置DNS的正向解析
第一步:关闭安全软件并安装
[root@ssh-server ~]# setenforce 0
[root@ssh-server ~]# systemctl stop firewalld
[root@ssh-server ~]# yum install bind -y
第二步:在服务器端进行配置DNS主配置文件
[root@ssh-server ~]#vim /etc/named.conf
修改前:
修改后:
第三步:在服务端进行编辑区域配置文件
[root@ssh-server ~]#vi /etc/name.rfc1912.zones
修改前
修改后
第四步:在服务端编辑数据配置文件
[root@ssh-server ~]# cd /var/named
[root@ssh-server ~]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves
[root@ssh-server ~]# cp -a named.localhost openlab.com.zone # 复制模板进行编辑
[root@ssh-server ~]# vim openlab.com.zone
修改前
修改后
第五步重启服务
[root@ssh-server ~]# systemctl start named
第六步:更改客户端dns服务IP并测试
[root@ssh-server ~]# vim /etc/NetworkManager/system-connections/ens160.nmconnection # 打开并编辑网卡配置文件
[root@ssh-server ~]# nmcli connection reload # 重载配置文件
[root@ssh-server ~]# nmcli connection up ens160 # 激活
[root@ssh-server ~]# nslookup
> www.openlab.com
Server: 192.168.163.2
Address: 192.168.163.2#53
Name: www.openlab.com
Address: 192.168.163.2
> ftp.openlab.com
Server: 192.168.163.2
Address: 192.168.163.2#53
Name: ftp.openlab.com
Address: 192.168.163.2
> www1.openlab.com
Server: 192.168.163.2
Address: 192.168.163.2#53
www1.openlab.com canonical name = www.openlab.com.
Name: www.openlab.com
Address: 192.168.163.2