Apache搭建https
1、创建ssl证书
yum install openssl
yum install libssl-dev
2、创建证书
cd /etc/ssl
mkdir private
cd private
openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crt
Country Name (2 letter code) [AU]:按需输入国家,如:CN
State or Province Name (full name) [Some-State]:按需输入省份,如:BJ
Locality Name (eg, city) []:按需输入城市
Organization Name (eg, company) [Internet Widgits Pty Ltd]:按需输入公司名称
Organizational Unit Name (eg, section) []:按需输入组织单位名称
Common Name (eg, YOUR name) []:按需输入域名
Email Address []:按需输入电邮地址
-x509 显示证书和签名工具,-days 证书的有效期,-sha1 证书加密算法,-newkey rsa:1024 创建一个新key,1024表示公钥长度为1024bits
命令执行完会创建demo.key与demo.crt
3、创建Virtual Host
cd /etc/httpd/conf/httpd.conf
添加virtual host配置内容
<VirtualHost *:443>
DocumentRoot 目录(eg:/home/root/)
ServerName 域名(Common Name)
<Directory "目录">
allow from all
AllowOverride all
Options -Indexes FollowSymLinks
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/private/demo.crt
SSLCertificateKeyFile /etc/ssl/private/demo.key
SSLCipherSuite AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
SSLHonorCipherOrder on
</VirtualHost>
开启SSL Engine及设置使用的证书,端口443
SSLEngine on
SSLCertificateFile /etc/ssl/private/demo.crt
SSLCertificateKeyFile /etc/ssl/private/demo.key
4、查看httpd.conf配置内容
yum install -y mod_ssl
cd /etc/httpd/conf/httpd.conf
LoadModule ssl_module modules/mod_ssl.so
查看是否存在#LoadModule ssl_module modules/mod_ssl.so
若未找到,则在# LoadModule foo_module modules/mod_foo.so下方添加LoadModule ssl_module modules/mod_ssl.so即可
5、查看Linsten端口
Listen 443
6、LoadModule ssl_module modules/mod_ssl.so & Listen 443 & <VirtualHost *:443> 三个值都符合 检查通过