目录
3.编辑配置文件/etc/httpd/conf.d/myhost.conf写入内容
3.新建编辑配置文件/etc/httpd/conf.d/porthost.conf 并写入/修改内容
2. 修改配置文件/etc/httpd/conf.d/myhost.conf并写入/修改内容
4.到浏览器访问www.qweqwe.com查看是否生效编辑
2.编辑配置文件/etc/httpd/conf.d/porthost.conf,为端口添加域名(及别名)即可
4.重启httpd服务并到浏览器分别使用ip+端口和域名进行访问查看是否生效
一.基于IP搭建web服务器
通过两个不同的ip来演示
1.为虚拟机网卡新添加一个ip地址并重启网卡
nmcli connection modify ens33 ipv4.method manual +ipv4.addresses 192.168.2.138/24 ipv4.gateway 192.168.2.1 ipv4.dns 114.114.114.114 connection.autoconnect yes
“+”号表示添加一个ip不覆盖原有ip
[root@sulibao ~]# nmcli connection modify ens33 ipv4.method manual +ipv4.addresses 192.168.2.138/24 ipv4.gateway 192.168.2.1 ipv4.dns 114.114.114.114 connection.autoconnect yes
[root@sulibao ~]# nmcli connection down ens33
[root@sulibao ~]# nmcli connection up ens33
2. 新建配置目录并写入内容
mkdir -p:创建层级目录
[root@sulibao ~]# mkdir -p /www/ip/{135,138}
[root@sulibao ~]# echo "This is ip 135" > /www/ip/135/index.html
[root@sulibao ~]# echo "This is ip 138" > /www/ip/138/index.html
3.编辑配置文件/etc/httpd/conf.d/myhost.conf写入内容
注意:每个人创建的文本文件(myhost.conf)不同,请务必将ip地址,根目录以及目录权限修改为自己虚拟机的实际参数值
[root@sulibao ~]# vim /etc/httpd/conf.d/myhost.conf
<VirtualHost 192.168.2.135> //此时填写自己虚拟机已连接网卡的ip1
DocumentRoot "/www/ip/135" //指定根目录,也就是你刚才创建的层级目录
<Directory "/www/ip/135"> //设置目录权限
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.2.138> //此时填写自己虚拟机已连接网卡的ip2
DocumentRoot "/www/ip/138"
<Directory "/www/ip/138">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
4.重启httpd服务
systemctl restart httpd.service
[root@sulibao ~]# systemctl restart httpd.service
5.到浏览器访问ip查看是否生效
图示为已生效
二.基于同一IP不同端口搭建服务器
1.查看端口号是否被占用
netstat -anp | grep 8080
如果监听状态为Listen则已经被占用,需要另外的端口
[root@sulibao ~]# netstat -anp | grep 8080
2.新建配置目录并写入内容
[root@sulibao ~]# mkdir -p /www/port/{8080,9090}
[root@sulibao ~]# echo "this is ip 8080" > /www/port/8080/index.html
[root@sulibao ~]# echo "this is ip 9090" > /www/port/9090/index.html
3.新建编辑配置文件/etc/httpd/conf.d/porthost.conf 并写入/修改内容
注意:每个人创建的文本文件不同,请务必将ip地址,根目录以及目录权限修改为自己虚拟机的实际参数值
[root@sulibao ~]# vim /etc/httpd/conf.d/porthost.conf
listen 8080
<VirtualHost 192.168.2.135:8080>
DocumentRoot "/www/port/8080"
<Directory "/www/port/8080">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
listen 9090
<VirtualHost 192.168.2.135:9090>
DocumentRoot "/www/port/9090"
<Directory "/www/port/9090">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
4.重启httpd服务
[root@sulibao ~]# systemctl restart httpd.service
5.到浏览器访问ip+不同端口查看是否生效
三.基于DNS域名搭建服务器
1.新建配置目录并写入内容
[root@sulibao ~]# mkdir /www/dns/qwe -p
[root@sulibao ~]# echo "This is for dns" > /www/dns/qwe/index.html
2. 修改配置文件/etc/httpd/conf.d/myhost.conf并写入/修改内容
[root@sulibao ~]# vim /etc/httpd/conf.d/dnshost.conf
<VirtualHost 192.168.2.135>
DocumentRoot "/www/dns/qwe"
ServerName www.qweqwe.com //此处指定你需要用到的域名
<Directory "/www/dns/qwe">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
3.配合测试需要在windows端为域名“放行 ”
可以手动编辑C:\Windows\System32\drivers\etc\hosts,不建议使用
建议以管理员身份运行Windows PowerShell,直接cd到\etc下使用ls查看hosts文件是否存在
再使用notepad hosts编辑hosts文件,在文本末尾添加你虚拟机ip以及刚才创建的域名,保存即可
PS C:\WINDOWS\system32> cd .\drivers\etc\
PS C:\WINDOWS\system32\drivers\etc> ls
目录: C:\WINDOWS\system32\drivers\etc
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 2023/1/8 21:06 890 hosts
-a---- 2022/5/7 13:22 3683 lmhosts.sam
-a---- 2022/5/12 12:16 407 networks
-a---- 2022/5/12 12:16 1358 protocol
-a---- 2022/5/12 12:16 17635 services
PS C:\WINDOWS\system32\drivers\etc> notepad .\hosts
注意: 放行时不需要指定端口
4.到浏览器访问www.qweqwe.com查看是否生效
![a4d101060f2a41c1a2c667c288823180.png](https://i-blog.csdnimg.cn/blog_migrate/b80b4d1ab61786723c1b8f32e33fed0b.png)
四.将不同域名解析到同一ip的不同端口
即:端口1和域名1共同访问端口1内容,端口2和域名2共同访问端口2内容,以前文端口9090和9091演示,具体操作回看前文。
1.保证通过两个端口能够访问
2.编辑配置文件/etc/httpd/conf.d/porthost.conf,为端口添加域名(及别名)即可
[root@sulibao ~]# vim /etc/httpd/conf.d/porthost.conf
listen 8080
<VirtualHost 192.168.2.135:8080>
DocumentRoot "/www/port/8080"
ServerName www.port8080.com
#ServerAlias xxx.com
<Directory "/www/port/8080">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
listen 9090
<VirtualHost 192.168.2.135:9090>
DocumentRoot "/www/port/9090"
ServerName www.port9090.com
<Directory "/www/port/9090">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
3.在windows端为两个域名放行
具体操作查看前文
4.重启httpd服务并到浏览器分别使用ip+端口和域名进行访问查看是否生效
五.配置https加密
1.下载软件并生成密钥文件
[root@localhost certs]# yum install -y mod_ssl
[root@localhost conf.d]# cd /etc/pki/tls/certs/
[root@localhost certs]# openssl genrsa -aes128 2048 > jiami.key
[root@localhost certs]# openssl req -utf8 -new -key jiami.key -x509 -days 100 -out jiami.crt
[root@localhost certs]# ll
total 12
lrwxrwxrwx. 1 root root 49 Jul 29 2022 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
lrwxrwxrwx. 1 root root 55 Jul 29 2022 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
-rw-r--r-- 1 root root 1237 Dec 25 21:19 jiami.crt
-rw-r--r-- 1 root root 1874 Dec 25 21:18 jiami.key
-rw-r--r-- 1 root root 3980 Dec 25 21:21 localhost.crt
2.写配置文件
这里我是新例子,以160主机为例,主要是配置以下这几行
sslengine on
SSLCertificateFile /etc/pki/tls/certs/jiami.crt
SSLCertificateKeyFile /etc/pki/tls/certs/jiami.key
注意:除此外,还要确保ssl.conf下这里的配置一致
[root@localhost conf.d]# cat ssl.conf | grep SSLCertificateKeyFile
SSLCertificateKeyFile /etc/pki/tls/certs/jiami.key
[root@localhost conf.d]# cat ssl.conf | grep SSLCertificateFile
# Point SSLCertificateFile at a PEM encoded certificate. If
SSLCertificateFile /etc/pki/tls/certs/jiami.crt
# the referenced file can be the same as SSLCertificateFile
[root@localhost conf.d]# cat myweb.conf
<VirtualHost 192.168.2.160>
servername www.ssll.com
DocumentRoot /www/ip
<Directory "/www">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.2.160:443>
servername www.ssll.com
DocumentRoot /www/ip
sslengine on
SSLCertificateFile /etc/pki/tls/certs/jiami.crt
SSLCertificateKeyFile /etc/pki/tls/certs/jiami.key
<Directory "/www">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
[root@localhost conf.d]# pwd
/etc/httpd/conf.d
3.重启服务进行验证
[root@localhost conf.d]# systemctl restart httpd #输入开头·创建密钥时输入的密码
🔐 Enter TLS private key passphrase for localhost.localdomain:443 (RSA) : *******
[root@localhost conf.d]#