Apache中的加密访问

最新推荐文章于 2023-07-26 15:58:13 发布

Jwenh

最新推荐文章于 2023-07-26 15:58:13 发布

阅读量152

点赞数

文章标签： linux

本文链接：https://blog.csdn.net/weixin_45041580/article/details/119298004

版权

[root@westosb html]#  dnf install mod_ssl -y   ##安装加密插件mod_ssl
[root@westosb html]# mkdir /etc/httpd/tls
[root@westosb html]# cd

[root@westosb ~]# openssl req --newkey rsa:2048 -nodes -sha256 -keyout /etc/httpd/tls/westos.org.key -x509 -days 365 -out /etc/httpd/tls/westos.org.crt      ##重新生成密钥和证书
Generating a RSA private key
.....................................................................+++++
.......................................................................................................................................+++++
writing new private key to '/etc/httpd/tls/westos.org.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn    ##国家
State or Province Name (full name) []:shanxi   ##省
Locality Name (eg, city) [Default City]:xian   ##城市
Organization Name (eg, company) [Default Company Ltd]:westos   ##组名称
Organizational Unit Name (eg, section) []:linux    
Common Name (eg, your name or your server's hostname) []:www.westos.org
Email Address []:admin@qq.com
[root@westosb ~]# ls /etc/httpd/tls/   ##生成的证书和钥匙
westos.org.crt  westos.org.key
[root@westosb ~]# mkdir /var/www/vhost/westos.org/login  

[root@westosb ~]# vim /var/www/vhost/westos.org/login/index.html
//
gin.westos.org
//
[root@westosb ~]# vim /etc/httpd/conf.d/vhosts.conf 
//
<VirtualHost *:443>   ##443是https端口
 ServerName login.westos.org
DocumentRoot /var/www/vhost/westos.org/login
CustomLog logs/login.log combined
SSLEngine on
SSLCertificateFile /etc/httpd/tls/westos.org.crt
SSLCertificateKeyFile /etc/httpd/tls/westos.org.key
</VirtualHost>
//
[root@westosb ~]# systemctl restart httpd

在搜索主机上的操作：

[root@westos_student11 ~]# vim /etc/hosts
//
172.25.254.211 www.westos.org music.westos.org news.westos.org jwh.westos.org wsgi.westos.org login.westos.org  ##
//

我们在浏览器所在的真实主机不走加密路径也可以直接访问172.25.254.211，这显然是不合理的，出安全性考虑，当客户主机使用非加密方式访问时，我们要将其转换成加密方式来进行访问，这里需要页面转换：

[root@westosb ~]# vim /etc/httpd/conf.d/vhosts.conf   ##编写虚拟主机配置文件
//
<VirtualHost *:80>
 ServerName login.westos.org
RewriteEngine On
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1
 </VirtualHost>
//
[root@westosb ~]# systemctl restart   ##重启httpd服务

Jwenh

关注

0
点赞
踩
2

收藏

觉得还不错? 一键收藏
0
评论
Apache中的加密访问

[root@westosb html]# dnf install mod_ssl -y ##安装加密插件mod_ssl[root@westosb html]# mkdir /etc/httpd/tls[root@westosb html]# cd[root@westosb ~]# openssl req --newkey rsa:2048 -nodes -sha256 -keyout /etc/httpd/tls/westos.org.key -x509 -days 365 -out /et.
复制链接

扫一扫