wamp5 开启 ssl

最新推荐文章于 2021-08-08 02:30:59 发布

Able张

最新推荐文章于 2021-08-08 02:30:59 发布

阅读量654

点赞数

分类专栏： Apche 文章标签： apache ssl

Apche 专栏收录该内容

16 篇文章 0 订阅

订阅专栏

安装环境：Wampserver集成安装包；window7 x64系统。

openssl.exe 所在位置 E:\wamp\bin\apache\apache2.4.9\bin

1.打开cmd,进入openssl.exe所在位置

cd E:\wamp\bin\apache\apache2.4.9\bin

2.设置配置文件

set OPENSSL_CONF=../conf/openssl.cnf

3.生成需要的私钥

openssl genrsa > root.key   // 生成根密钥  
openssl genrsa > server.key  // 生成服务端密钥  
openssl genrsa > client.key  // 生成客户端密钥

4.生成自签名的根证书

openssl req -x509 -new -key root.key > root.crt  
openssl req -new -key server.key -out server.csr  
openssl req -new -key client.key -out client.csr  
Country Name (2 letter code) [AU]:CNISO国家代码（只支持两位字符）  
State or Province Name (full name) [Some-State]:ZJ所在省份  
Locality Name (eg, city) []:HZ所在城市  
Organization Name (eg, company):THS公司名称  
Organizational Unit Name (eg, section) []:THS组织名称  
Common Name (eg, YOUR name) []:localhost(申请证书的域名或IP地址)  
Email Address []:laoniangke@xxx.com管理员邮箱  
   
Please enter the following 'extra' attributes  
to be sent with your certificate request  
A challenge password []:交换密钥  
An optional company name []:

5.配置openssl.cnf

md demoCA  
md demoCA\newcerts  
md demoCA\private  
cd. > demoCA\index.txt  
echo 01 > demoCA\serial  
echo 01 > demoCA\crlnumber  
openssl genrsa -out demoCA/private/cakey.pem 2048  
openssl req -out demoCA/cacert.pem -x509 -new -key demoCA/private/cakey.pem

6.使用根证书为服务端及客户端签名

openssl ca -in server.csr -cert root.crt -keyfile root.key -out server.crt  
openssl ca -in client.csr -cert root.crt -keyfile root.key -out client.crt

7.将客户端证书转成pfx格式，并在浏览器上导入该证书

openssl pkcs12 -export -clcerts -in client.crt -inkey client.key -out client.pfx

8.配置http.conf，所在位置E:\wamp\bin\apache\apache2.4.9\conf\http.conf，反注释（只列出修改部分）

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so  
LoadModule sslmodule modules/modssl.so  
Include conf/extra/httpd-ssl.conf

9.配置http-ssl.conf，所在位置E:\wamp\bin\apache\apache2.4.9\conf\extra\http-ssl.conf(只列出修改部分)

SSLSessionCache "shmcb:E:/wamp/logs/ssl_scache"  
Mutex default  
<VirtualHost _default_:443>  
DocumentRoot "E:/wamp/www"  
ServerName localhost:443  
ServerAdmin admin@example.com  
ErrorLog "E:/wamp/logs/apache_error.log"  
TransferLog "E:/wamp/logs/access.log"  
   
SSLEngine on  
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL  
SSLCertificateFile "E:/wamp/bin/apache/apache2.4.9/bin/server.crt"  
SSLCertificateKeyFile "E:/wamp/bin/apache/apache2.4.9/bin/server.key"  
   
SSLCACertificateFile "E:/wamp/bin/apache/apache2.4.9/bin/root.crt"  
SSLVerifyClient require  
SSLVerifyDepth  10  
  
<FilesMatch "\.(cgi|shtml|phtml|php)$">  
    SSLOptions +StdEnvVars +ExportCertData  
</FilesMatch>  
  
CustomLog "E:/wamp/logs/ssl_request.log" \  
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"  
            
</VirtualHost>

重启 wampserver，如有问题，查看E:\wamp\logs\apache_error.log

如果发现apache 重启不了

后面有问题就到apache的/bin/httpd.exe -t 来看错误
也要看一下是否有程序占用443端口

I've also enabled "LoadModule status_module modules/mod_status.so" using the following configuration in httpd.conf:

<IfModule status_module>

ExtendedStatus On
<Location /server-status>
    SetHandler server-status
</Location>

</IfModule>

You can check now your server status here

https://localhost/server-status/

Able张

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
wamp5 开启 ssl

安装环境：Wampserver集成安装包；window7 x64系统。openssl.exe 所在位置 E:\wamp\bin\apache\apache2.4.9\bin1.打开cmd,进入openssl.exe所在位置[plain] view plaincopyprint?e: cd E:\wamp\
复制链接

扫一扫