openssl实现私有CA:
取消注释
[root@zhenzhu ~]# cd /usr/local/apache/conf/
[root@zhenzhu conf]# vim httpd.conf
#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule ssl_module modules/mod_ssl.so //删除#
#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
# Virtual hosts
Include conf/extra/httpd-vhosts.conf //删除#
修改文件httpd-vhosts.conf
[root@zhenzhu ssl]# cd ..
[root@zhenzhu conf]# vim extra/httpd-vhosts.conf
[root@zhenzhu conf]# tail -17 extra/httpd-vhosts.conf
#
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/www.zhenzhu.com"
ServerName www.zhenzhu.com
ErrorLog "logs/www.zhenzhu.com-error_log"
CustomLog "logs/www.zhenzhu.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/www.zhenzhu.com"
ServerName www.zhenzhu.com
ErrorLog "logs/www.zhenzhu.com-error_log"
CustomLog "logs/www.zhenzhu.com-access_log" common
</VirtualHost>
[root@zhenzhu conf]#
创建目录 移动文件 重新启动服务
[root@zhenzhu conf]# mkdir -p /usr/local/apache/htdocs/{www.zhenzhu.com,blog.zhenzhu.com}
[root@zhenzhu conf]# ls /usr/local/apache/htdocs
blog.zhenzhu.com index.html www.zhenzhu.com
[root@zhenzhu conf]#
[root@zhenzhu conf]# mv /var/www/html/blog/* /usr/local/apache/htdocs/blog.zhenzhu.com/
[root@zhenzhu conf]# mv /var/www/html/www/* /usr/local/apache/htdocs/www.zhenzhu.com/
[root@zhenzhu conf]# apachectl stop
[root@zhenzhu conf]# apachectl start
[root@zhenzhu conf]#
修改httpd.conf 文件
[root@zhenzhu conf]# vim httpd.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf //删除注释
#
#LoadModule cache_socache_module modules/mod_cache_socache.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so //删除注释
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
修改extra/httpd-ssl.conf的文件
[root@zhenzhu conf]# vim extra/httpd-ssl.conf
# General setup for the virtual host
DocumentRoot "/usr/local/apache/htdocs/www.zhenzhu.com"
ServerName www.zhenzhu.com:443
ServerAdmin you@example.com
ErrorLog "/usr/local/apache/logs/www.zhenzhu.com_error_log"
TransferLog "/usr/local/apache/logs/www.zhenzhu.com_access_log"
# SSL Engine Switch:
SSLCertificateFile "/usr/local/apache/conf/ssl/httpd.crt"
#SSLCertificateFile "/usr/local/apache/conf/server-dsa.crt"
#SSLCertificateFile "/usr/local/apache/conf/server-ecc.crt"
SSLCertificateKeyFile "/usr/local/apache/conf/ssl/httpd.key"
#SSLCertificateKeyFile "/usr/local/apache/conf/server-dsa.key"
#SSLCertificateKeyFile "/usr/local/apache/conf/server-ecc.key"
重启服务
[root@zhenzhu conf]# apachectl stop
[root@zhenzhu conf]# apachectl start
[root@zhenzhu conf]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:443 *:*
LISTEN 0 128 *:8080 *:*
LISTEN 0 128 *:80 *:*
[root@zhenzhu conf]#