linux下虚拟网站的创建以及基于https的数据访问

step1：

step2：

step3：

[root@zh certs]# make zh.crt          /编写zh.crt文件
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > zh.key
Generating RSA private key, 2048 bit long modulus
....+++
..........+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key zh.key -x509 -days 365 -out zh.crt
-set_serial 0
Enter pass phrase for zh.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86         /国家代码
State or Province Name (full name) []:shaanxi      /省
Locality Name (eg, city) [Default City]:xi'an      /市
Organization Name (eg, company) [Default Company Ltd]:openlab.cn      /公司名称
Organizational Unit Name (eg, section) []:tech      /部门
Common Name (eg, your name or your server's hostname) []:www.openlab.com      /域名
Email Address []:openlab@openlab.cn /e-mail
[root@zh certs]# systemctl restart httpd       /重启服务
Enter SSL pass phrase for www.openlab.com:443 (RSA) : ******       /输入密码

step4：编写辅配置文件

<directory /openlab>
	allowoverride none
	require all granted
</directory>
<directory /openlab/usr/money>
	allowoverride none
	require all granted
</directory>
<directory openlab/usr/students>
	authtype basic
	authname "pleasr put passwd"
	authuserfile /etc/httpd/userfile
	require user song tian
</directory>

<directory openlab/usr/data>
	allowoverride none
	require all granted
</directory>

<virtualhost 192.168.111.130:80>
	servername www.openlab.com
	documentroot /openlab
	alias /data /openlab/usr/data
	alias /students /openlab/usr/students
</virtualhost>

<virtualhost 192.168.111.130:443>
	sslengine on
	SSLProtocol all -SSLv2
	SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
	SSLCertificateFile /etc/pki/tls/certs/zh.crt
	SSLCertificateKeyFile /etc/pki/tls/certs/zh.key
	documentroot /openlab
	servername www.openlab.com
	alias /money /openlab/usr/money
	errorlog "/var/log/httpd/dummy-host2.example.com-error_log"customlog "/var/log/httpd/dummy-	host2.example.com-access_log" common
</virtualhost>



[root@zh certs]# systemctl restart httpd       /重启服务
Enter SSL pass phrase for www.openlab.com:443 (RSA) : ******        /输入密码

step5:

[root@zh certs]# htpasswd -c /etc/httpd/userfile song       /为song用户编写密码
New password: 
Re-type new password: 
Adding password for user song

[root@zh certs]# htpasswd -c /etc/httpd/userfile tian      /为tian用户编写密码
New password: 
Re-type new password: 
Adding password for user tian

step6：在Linux系统里添加主机

[root@zh certs]# vim /etc/hosts

127.0.0.1  
localhost localhost.localdomain localhost4 local
host4.localdomain4
::1         localhost
localhost.localdomain localhost6 localhost6.localdomain6
192.168.111.130  www.openlab.com

step7: 测试

[root@zh certs]# curl http://www.openlab.com
welcome to openlab!
在Linux系统上可以基于域名访问