####apache的管理与应用####

于 2019-05-04 11:08:30 发布
阅读量976 收藏 1
点赞数
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_44821839/article/details/89575213
版权
本文详细介绍了Apache的安装、基础配置、端口修改、访问控制、虚拟主机设置以及HTTPS安全协议的应用。通过实例演示了如何创建和管理虚拟主机,支持PHP、CGI和Python等语言,并展示了启用HTTPS的方法。
摘要由CSDN通过智能技术生成

####apache####
##1.apache
企业中常用wed服务,用来提供http:// (超文本传输协议)

##2.apache的安装部署
1.环境配置
(1).网络通,设IP地址
(2).内核强制防火墙/etc/sysconfig/selinux
selinux=enforcing
(3).yum源配置
在这里插入图片描述

2.安装

  yum install httpd-manual  ##使用手册
  systemctl start httpd   ##打开
  systemctl enable httpd  ##设置开机自启
  firewall-cmd --list-all  ##列出防火墙信息
  firewall-cmd --permanent --add-service=http ##永久允许http
  firewall-cmd --reload  ##重启防火墙

在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
访问测试:
在这里插入图片描述

编写默认发布文件:
/var/www/html/index.html
在这里插入图片描述
访问测试:在这里插入图片描述

###apache的基础配置信息###
主配置目录 /etc/httpd/conf
主配置文件/etc/httpd/conf/httpd.conf
子配置目录 /etc/httpd/conf.d
子配置文件 /etc/httpd/conf.d/*.conf ##在子配置目录中所有的以.conf 结尾的文件
默认发布目录 /var/www/html
默认发布文件 /var/www/html/Index.html ##默认发布目录中Index.html文件名称固定
默认端口 80

##默认端口修改###
apache 的默认端口80
netstat -antlupe | grep httpd ##查看服务端口
在这里插入图片描述
/etc/httpd/conf/httpd.conf ##修改主配置文件中的默认端口
在这里插入图片描述
在这里插入图片描述

[root@server conf]# ls
httpd.conf  magic
[root@server conf]# vim httpd.conf 
 42 Listen 8080  ##改变80端口  
[root@server conf]# systemctl restart httpd.service 
[root@server conf]# netstat -antlupe | grep httpd  ##查看端口80变成8080 但火墙还没开启服务
tcp6       0      0 :::8080                 :::*                    LISTEN      0          148158     31929/httpd         
[root@server conf]# firewall-cmd --add-port=8080/tcp  ##临时设定8080端口可以访问
success
[root@server conf]# firewall-cmd --list-all
public (default, active)
  interfaces: eth0
  sources: 
  services: dhcpv6-client http ssh
  ports: 8080/tcp   ##防火墙为8080端口服务
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules:

访问测试
在这里插入图片描述
添加端口
semanage port -l | grep http ##查看允许使用的端口,selinux在强制状态时只有被其允许的端口才能进入
在这里插入图片描述

http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_cache_port_t              udp      3130
http_port_t                    tcp      80, 81, 443, 488, 8008,    8009, 8443, 9000   ##固定的端口
pegasus_http_port_t            tcp      5988
pegasus_https_port_t           tcp      5989
[root@server conf]# vim httpd.conf
42 Listen 8888 ##改变端口
[root@server conf]# systemctl restart  httpd.service 
[root@server conf]# getenforce
Enforcing
[root@server conf]# systemctl restart  httpd.service 
Job for httpd.service failed. See 'systemctl status httpd.service' and 'journalctl -xn' for details.  ##不存在8888端口,访问失败
[root@server conf]# semanage port -a -t http_port_t -p tcp 8888  ##添加8888端口
[root@server conf]# semanage port -l | grep http
http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_cache_port_t              udp      3130
http_port_t                    tcp      8888, 80, 81, 443, 488, 8008, 8009, 8443, 9000
pegasus_http_port_t            tcp      5988
pegasus_https_port_t           tcp      5989

[root@server conf]# firewall-cmd --add-port=8888/tcp ##防火墙添加8888端口
success
[root@server conf]# systemctl restart  httpd.service   ##访问172.25.254.206:8888

在这里插入图片描述
访问测试
在这里插入图片描述
##修改默认发布文件
默认发布文件就是当访问apache时服务默认访问的文件;这个文件可以指定多个,有访问顺序

[root@server html]# ls
index.html
[root@server html]# vim /etc/httpd/conf/httpd.conf 
169     DirectoryIndex test index.html  ##添加test 为默认访问

[root@server html]# systemctl restart httpd

[root@server html]# vim test.html  ##添加访问内容会访问到
[root@server html]# systemctl restart httpd

在这里插入图片描述
在这里插入图片描述
访问测试
在这里插入图片描述
修改默认发布目录

/var/www/html   ##更改前默认发布目录
[root@server html]# mkdir /www/html -p  ##创建新的目录作为发布目录
[root@server html]# semanage fcontext -a -t httpd_sys_content_t '/www/html(/.*)?'   ##更改安全上下文
[root@server html]# restorecon -FvvR /www/  ##更新
restorecon reset /www context unconfined_u:object_r:default_t:s0->system_u:object_r:default_t:s0
restorecon reset /www/html context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@server html]# ls -Zd /www/html/  ##查看
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /www/html/
[root@server html]# vim /www/html/index.html
 [root@server html]# systemctl restart httpd
[root@server html]# cd /www/html/
[root@server html]# ls -Z
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html
[root@server html]# vim /etc/httpd/conf/httpd.conf 
120 #DocumentRoot "/var/www/html"
121 DocumentRoot "/www/html"
122 <Directory "/www/html">
123         Require all granted
124 </Directory>
125 #

[root@server html]# systemctl restart httpd

在这里插入图片描述
在这里插入图片描述
访问测试
在这里插入图片描述
##5.apache 内部的访问控制##
(1)针对主机的访问控制
修改配置文件,在需要访问的发布目录的授权语块中进行编写,规定被限制的主机以及可以访问的主机。
/etc/httpd/conf/httpd.conf

[root@server html]# systemctl restart httpd

#DocumentRoot "/var/www/html"
DocumentRoot "/www/html"
<Directory "/www/html">
       Require all granted
       Order Deny,Allow  ##先读不允许再读允许,后读的会覆盖先读的所有都能访问
       Allow from all  ## 允许所有人
       Deny from 172.25.254.5 ##不允许172.25.254.5

</Directory>

注意:
order Allow,Deny 服务在读取限制名单的时候,按此处的顺序先读取Allow中的名单在读取Deny中的名单,当前后存在同一主机时后面读取的内容会覆盖之前的内容
在这里插入图片描述
访问测试:
172.25.254.246访问
在这里插入图片描述
172.25.254.46访问
在这里插入图片描述
(2)针对能访问的用户
htpasswd -cm /etc/httpd/userpass admin ##生成用户认证文件

New password:   ##输入密码
Re-type new password: 
Adding password for user admin
[root@server html]# htpasswd -m /etc/httpd/userpass  admin1  ## 设置第二个能访问的用户只能用-m
   
[root@server html]# vim /etc/httpd/conf/httpd.conf   ##修改配置文件

120 #DocumentRoot "/var/www/html"
121 DocumentRoot "/www/html"
122 <Directory "/www/html">
123        Require all granted
124 #       Order Allow,Deny  ##先允许,后不许(更改位置谁在前就先读谁)
125 #       Allow from all ##允许所有人访问
126 #       Deny from 172.25.254.106  ##不允许172.25.254.106
127         AuthUserFile   "/etc/httpd/.htpass_file"   ##授权文件位置
128         AuthType       basic   ##访问的方式是基础访问
129         AuthName       "Please input username and password!!" ##用户访问的方式用户名和密码
130     Require user  admin  ##允许访问的用户admin
131  #      Require        valid-user
132 </Directory>

访问测试:
在这里插入图片描述
###apache的虚拟主机##
虚拟主机指的是在同一机器上运行多个网站
创建发布目录及发布文件:

[root@localhost html]# vim index.html  *www.westos.com*
[root@localhost html]# ls
index.html  test
[root@localhost html]# cd /etc/httpd/conf.d
[root@localhost conf.d]# ls
autoindex.conf  README  userdir.conf  welcome.conf
[root@localhost conf.d]# vim vhost.conf
[root@localhost conf.d]# systemctl restart httpd
[root@localhost conf.d]# cd /etc/httpd
[root@localhost httpd]# ls
conf  conf.d  conf.modules.d  logs  modules  run
[root@localhost httpd]# cd logs/
[root@localhost logs]# ls
access_log  default.log  error_log
[root@localhost logs]# mkdir /web_virt_dir/{music,news}/html -p  ##创建不同域名的发布目录
[root@localhost logs]# ll /web_virt_dir/
total 0
drwxr-xr-x. 3 root root 17 Apr 27 21:36 music
drwxr-xr-x. 3 root root 17 Apr 27 21:36 news
[root@localhost logs]# ls -Zd /web_virt_dir/  ##查看此目录的安全上下文,无法时别,需要更改
drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /web_virt_dir/
[root@localhost logs]# semanage fcontext -a -t httpd_sys_content_t '/web_virt_dir(/.*)?'  ##更改其安全上下文
[root@localhost logs]# restorecon -RvvF /web_virt_dir/  ##刷新安全上下文  更改成功
restorecon reset /web_virt_dir context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
restorecon reset /web_virt_dir/music context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
restorecon reset /web_virt_dir/music/html context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
restorecon reset /web_virt_dir/news context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
restorecon reset /web_virt_dir/news/html context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@localhost logs]# vim /web_virt_dir/music/html/index.html  ##编辑发布文件music  music.westos.com
[root@localhost logs]# vim /web_virt_dir/news/html/index.html  ##编辑发布文件news  news.westos.com
[root@localhost logs]# cd /etc/httpd/conf.d
[root@localhost conf.d]# ls
autoindex.conf  README  userdir.conf  vhost.conf  welcome.conf
[root@localhost conf.d]# vim vhost.conf  ##更改配置文件
[root@localhost conf.d]# systemctl restart httpd  ##重启服务
[root@localhost conf.d]# cat vhost.conf
<VirtualHost _default_:80>
        DocumentRoot /var/www/html
        Customlog logs/default.log combined
</Virtualhost>


<VirtualHost *:80>
        DocumentRoot /web_virt_dir/music/html
        ServerName   music.westos.com
        Customlog logs/music.log combined
</Virtualhost>

<VirtualHost *:80>
        DocumentRoot /web_virt_dir/news/html
        ServerName   news.westos.com
        Customlog logs/news.log combined
 </Virtualhost>

<Directory "/web_virt_dir">
          Require all granted
</Directory>

在这里插入图片描述
在这里插入图片描述

测试:在真机测试
更改真机文件
[root@foundation5 ~]# cd /var/www/html
[root@foundation5 html]# ls
ks.cfg westos
[root@foundation5 html]# vim /etc/hosts
[root@foundation5 html]# firefox &
[1] 5116
[root@foundation5 html]# 1556416786676 addons.productaddons WARN Failed downloading XML, status: 0, reason: error
^C
[1]+ Done firefox
[root@foundation5 html]# vim /etc/hosts
1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
3 172.25.254.205 www.westos.com music.westos.com news.westos.com
在这里插入图片描述
真机测试:
www.westos.com
music.westos.com
news.westos.com
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
###apache的语言支持##

php语言

rpm -q php   ##查看是否安装php
yum install -y php   ##安装php插件
 ls /etc/httpd/conf.d/   ##自动生成php.conf文件

在这里插入图片描述
在这里插入图片描述

2,编写php文件

[root@localhost html]# cd /var/www/html
[root@localhost html]# ls
index.html  test
[root@localhost html]# vim index.php  ##编辑发布文件

<?php
       phpinfo()
?>

[root@localhost html]# systemctl restart httpd

在这里插入图片描述

二.cgi perl

[root@localhost www]# ls
cgi-bin  html
[root@localhost www]# ls -Z
drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 html
[root@localhost ~]# cd /var/www/html
[root@localhost html]# mkdir cgi
[root@localhost html]# ls
cgi  index.html  index.php  test
[root@localhost html]# ls -Z
drwxr-xr-x. root root unconfined_u:object_r:httpd_sys_content_t:s0 cgi
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.php
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 test
[root@localhost html]# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?'  ##更改安全上下文
[root@localhost html]# restorecon -RvvF /var/www/html/cgi  ##刷新安全上下文
restorecon reset /var/www/html/cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0
[root@localhost html]# vim /var/www/html/cgi/index.cgi  ##编辑index.cgi文件

#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;

[root@localhost html]# python /var/www/html/cgi/index.cgi 
Content-type: text/html


Hello, World.
[root@localhost html]# chmod +x cgi/index.cgi
[root@localhost html]# ./cgi/index.cgi 
Content-type: text/html

Hello, World.
[root@localhost html]# vim /etc/httpd/conf.d/vhost.conf
[root@localhost html]# systemctl restart httpd
26 <Directory "/var/www/html/cgi">
27      Options +ExecCGI
28      AddHandler cgi-script .cgi
29 </Directory>

在这里插入图片描述

真机检测:172.25.254.246/cgi/index.cgi
在这里插入图片描述

三.python语言 --webapp.wsgi
1.拷贝模板

lftp 172.25.254.250:~> ls
drwxr-xr-x   20 0        0            4096 Mar 26 07:53 pub
lftp 172.25.254.250:/> cd /pub
lftp 172.25.254.250:/pub> get webapp.wsgi
397 bytes transferred
[root@localhost html]# yum search wsgi
Loaded plugins: langpacks
============================== N/S matched: wsgi ===============================
mod_wsgi.x86_64 : A WSGI interface for Python web applications in Apache
python-beaker.noarch : WSGI middleware layer to provide sessions

  Name and summary matches only, use "search all" for everything.
[root@localhost html]# yum install mod_wsgi.x86_64 -y
Loaded plugins: langpacks
Resolving Dependencies
--> Running transaction check
---> Package mod_wsgi.x86_64 0:3.4-11.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package           Arch            Version                Repository       Size
================================================================================
Installing:
 mod_wsgi          x86_64          3.4-11.el7             westos           76 k

Transaction Summary
================================================================================
Install  1 Package

Total download size: 76 k
Installed size: 197 k
Downloading packages:
mod_wsgi-3.4-11.el7.x86_64.rpm                             |  76 kB   00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : mod_wsgi-3.4-11.el7.x86_64                                   1/1 
  Verifying  : mod_wsgi-3.4-11.el7.x86_64                                   1/1 

Installed:
  mod_wsgi.x86_64 0:3.4-11.el7                                                  

Complete!
[root@localhost html]# cd /etc/httpd/conf.d
[root@localhost conf.d]# ls
autoindex.conf  php.conf  README  userdir.conf  vhost.conf  welcome.conf
[root@localhost conf.d]# rpm -ql mod_wsgi-3.4-11.el7.x86_64 
/etc/httpd/conf.modules.d/10-wsgi.conf
/usr/lib64/httpd/modules/mod_wsgi.so
/usr/share/doc/mod_wsgi-3.4
/usr/share/doc/mod_wsgi-3.4/LICENCE
/usr/share/doc/mod_wsgi-3.4/README

[root@localhost html]# vim webapp.wsgi
#!/usr/bin/env python
import time

def application (environ, start_response):
  response_body = 'UNIX EPOCH time is now: %s\n' % time.time()
  status = '200 OK'
  response_headers = [('Content-Type', 'text/plain'),
                      ('Content-Length', '1'),
                      ('Content-Length', str(len(response_body)))]
  start_response(status, response_headers)
  return [response_body]
[root@localhost cgi-bin]# vim /etc/httpd/conf.d/vhost.conf

<VirtualHost *:80>
          ServerName   wsgi.westos.com
          WSGIScriptAlias / /var/www/cgi-bin/webapp.wsgi
 </Virtualhost>
[root@localhost cgi-bin]# systemctl restart htt

在这里插入图片描述
真机测试:
在主机中添加 wsgi.westos.com的本地解析域
vim /etc/hosts
在这里插入图片描述
浏览器输入 wsgi.westos.com
在这里插入图片描述
###https超文本传输安全协议####
1.下载ssl

Loaded plugins: langpacks
Resolving Dependencies
--> Running transaction check
---> Package mod_ssl.x86_64 1:2.4.6-17.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================
 Package         Arch           Version                   Repository      Size
===============================================================================
Installing:
 mod_ssl         x86_64         1:2.4.6-17.el7            westos          97 k

Transaction Summary
===============================================================================
Install  1 Package

Total download size: 97 k
Installed size: 219 k
Downloading packages:
mod_ssl-2.4.6-17.el7.x86_64.rpm                           |  97 kB   00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 1:mod_ssl-2.4.6-17.el7.x86_64                               1/1 
  Verifying  : 1:mod_ssl-2.4.6-17.el7.x86_64                               1/1 

Installed:
  mod_ssl.x86_64 1:2.4.6-17.el7                                                

Complete!
[root@localhost ~]# cd /etc/httpd/conf.d/  ##自动生成ssl文件
[root@localhost conf.d]# ls
autoindex.conf  README    userdir.conf  welcome.conf
php.conf        ssl.conf  vhost.conf
[root@localhost conf.d]# systemctl restart httpd
[root@localhost conf.d]# netstat -antlupe | grep httpd
tcp6       0      0 :::443                  :::*                    LISTEN      0          88593      9698/httpd          
tcp6       0      0 :::80                   :::*                    LISTEN      0          88585      9698/httpd          
[root@localhost conf.d]# firewall-cmd --permanent --add-port=443/tcp
success
[root@localhost conf.d]# firewall-cmd --reload
success

在这里插入图片描述
2.下载加密工具crypto-utils.x86_64

Loaded plugins: langpacks
Resolving Dependencies
--> Running transaction check
---> Package crypto-utils.x86_64 0:2.4.1-42.el7 will be installed
--> Processing Dependency: perl(Newt) for package: crypto-utils-2.4.1-42.el7.x86_64
--> Running transaction check
---> Package perl-Newt.x86_64 0:1.08-36.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================
 Package              Arch           Version              Repository      Size
===============================================================================
Installing:
 crypto-utils         x86_64         2.4.1-42.el7         westos          78 k
Installing for dependencies:
 perl-Newt            x86_64         1.08-36.el7          westos          64 k

Transaction Summary
===============================================================================
Install  1 Package (+1 Dependent package)

Total download size: 143 k
Installed size: 347 k
Is this ok [y/d/N]: y
Downloading packages:
(1/2): crypto-utils-2.4.1-42.el7.x86_64.rpm               |  78 kB   00:00     
(2/2): perl-Newt-1.08-36.el7.x86_64.rpm                   |  64 kB   00:00     
-------------------------------------------------------------------------------
Total                                             1.3 MB/s | 143 kB  00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : perl-Newt-1.08-36.el7.x86_64                                1/2 
  Installing : crypto-utils-2.4.1-42.el7.x86_64                            2/2 
  Verifying  : crypto-utils-2.4.1-42.el7.x86_64                            1/2 
  Verifying  : perl-Newt-1.08-36.el7.x86_64                                2/2 

Installed:
  crypto-utils.x86_64 0:2.4.1-42.el7                                           

Dependency Installed:
  perl-Newt.x86_64 0:1.08-36.el7                                               

Complete!
3.查看加密路径
[root@localhost conf.d]# rpm -ql crypto-utils-2.4.1-42.el7.x86_64
/etc/cron.daily/certwatch
/usr/bin/certwatch
/usr/bin/genkey  ##加密路径
/usr/bin/keyrand
/usr/bin/keyutil
/usr/lib64/perl5/vendor_perl/Crypt
/usr/lib64/perl5/vendor_perl/Crypt/Makerand.pm
/usr/lib64/perl5/vendor_perl/auto/Crypt
/usr/lib64/perl5/vendor_perl/auto/Crypt/Makerand
/usr/lib64/perl5/vendor_perl/auto/Crypt/Makerand/Makerand.so
/usr/lib64/perl5/vendor_perl/auto/Crypt/Makerand/autosplit.ix
/usr/share/doc/crypto-utils-2.4.1
/usr/share/doc/crypto-utils-2.4.1/COPYING
/usr/share/doc/crypto-utils-2.4.1/LICENSE.librand
/usr/share/man/man1/certwatch.1.gz
/usr/share/man/man1/genkey.1.gz
/usr/share/man/man1/keyrand.1.gz
/usr/share/man/man3/Crypt::Makerand.3pm.gz

4.生成证书

/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=Shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.10261 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert

cmd_CreateNewCert
command:  makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=Shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.10261
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key


Generating key. This may take a few moments...

Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key 
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key

在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
编辑完之后自动生成安全证书
在这里插入图片描述
编辑ssl文件

[root@localhost conf.d]# ls
autoindex.conf  README    tmprequest    vhost.conf
php.conf        ssl.conf  userdir.conf  welcome.conf
[root@localhost conf.d]# vim ssl.conf  ##注释100行,添加101 107行
[root@localhost conf.d]# systemctl restart httpd
100 #SSLCertificateFile /etc/pki/tls/certs/localhost.crt
101 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
102 #   Server Private Key:
103 #   If the key is not combined with the certificate, use this
104 #   directive to point at the key file.  Keep in mind that if
105 #   you've both a RSA and a DSA private key you can configure
106 #   both in parallel (to also allow the use of DSA ciphers, etc.)
107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

在这里插入图片描述
在真机浏览器查看是否生成专属证书
https://172.25.254.246
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述2设定https虚拟机并设定网页重写
vim /etc/httpd/conf.d/login.conf
在这里插入图片描述

<VirtualHost *:443>
         ServerName  www.westos.com
         DocumentRoot  /web_virt_dir/login/html
         SSLEngine  on
         SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
         SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</VirtualHost>

<VirtualHost *:80>
         ServerName  www.westos.com
         RewriteEngine on
         RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
~```
   systemctl restart httpd
创建虚拟机发布目录及文件
![在这里插入图片描述](https://img-blog.csdnimg.cn/20190504110538159.png)
访问测试:
访问www.westos.com会自动转换https://www.westos.com
![在这里插入图片描述](https://img-blog.csdnimg.cn/20190504110745303.png)
##lamp###
lamp是指一组通常一起使用运行的动态网站或服务器的自由软件名称的首字母
Linux+Apache+Mysql+Php
The Naive Girl
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值