RHEL4下配置HTTPS
為了簡單明瞭,先採用RPM包的方式安裝Apache伺服器。
# cd /misc/cd/RedHat/RPMS/ //進入光碟的包存放目錄
# rpm -ivh rpmdb-redhat-4-0.20070421.i386.rpm //安裝這個包的目的是便於解決有些程式的依賴性關係
# rpm -ivh rpmdb-redhat-4-0.20070421.i386.rpm //安裝這個包的目的是便於解決有些程式的依賴性關係
# rpm -ivh --aid httpd-2.0.52-32.ent.i386.rpm //加--aid自動解決包的依賴性關係,因此前面已經安裝了rpmdb包
# rpm -ivh mod_ssl-2.0.52-32.ent.i386.rpm //安裝這個包的目的是實現https
# echo 'this is my first page!' > /var/www/html/index.html //新建一個預設主頁放到apache定義的預設主目錄中
# service httpd start //啟動伺服器
在瀏覽器中輸入 https://伺服器IP 安裝證書就可以實現安全的HTTP了。
但是這時候的證書是mod_ssl自動生成的,資訊並不是我們自己想要的!所以我們可以用下面的方法制作自己的證書。
# cd /etc/httpd/conf //進入apache配置檔案存放目錄
# rm -f ssl.*/server.* //將mod_ssl自動安裝的相關證書和簽名檔案刪除
# openssl genrsa -des3 1024 > ssl.key/server.key //生成私鑰檔案(Private Key)該檔案要求輸入口令。
# openssl rsa -in ssl.key/server.key -out ssl.key/server.key //如果不想使用口令可以去掉,這時會要求輸入生成時設定的口令。
# rm -f ssl.*/server.* //將mod_ssl自動安裝的相關證書和簽名檔案刪除
# openssl genrsa -des3 1024 > ssl.key/server.key //生成私鑰檔案(Private Key)該檔案要求輸入口令。
# openssl rsa -in ssl.key/server.key -out ssl.key/server.key //如果不想使用口令可以去掉,這時會要求輸入生成時設定的口令。
# openssl req -new -key ssl.key/server.key -out ssl.csr/server.csr //生成證書籤名請求檔案(Certificate Signing Request)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:CH //輸入國家名稱
State or Province Name (full name) [Berkshire]:BeiJing //省名
Locality Name (eg, city) [Newbury]:Beijing //城市
Organization Name (eg, company) [My Company Ltd]:XHCE //組織名稱
Organizational Unit Name (eg, section) []:BJXH //單位名稱
Common Name (eg, your name or your server's hostname) []:[url]http://yuan2.blog.51cto.com[/url] //根據具體情況填寫
Email Address []:weisheng213@126.com //郵箱
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:CH //輸入國家名稱
State or Province Name (full name) [Berkshire]:BeiJing //省名
Locality Name (eg, city) [Newbury]:Beijing //城市
Organization Name (eg, company) [My Company Ltd]:XHCE //組織名稱
Organizational Unit Name (eg, section) []:BJXH //單位名稱
Common Name (eg, your name or your server's hostname) []:[url]http://yuan2.blog.51cto.com[/url] //根據具體情況填寫
Email Address []:weisheng213@126.com //郵箱
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: //質詢密碼,可以不寫
An optional company name []: //可以不寫
to be sent with your certificate request
A challenge password []: //質詢密碼,可以不寫
An optional company name []: //可以不寫
# openssl x509 -in ssl.csr/server.csr -out ssl.crt/server.crt -req -signkey ssl.key/server.key -days 365 //讓伺服器自己當證書籤名伺服器,安全電子商務中需要向第三方商業機構申請。
Signature ok
subject=/C=CH/ST=BeiJing/L=Beijing/O=XHCE/OU=BJXH/CN=http://yuan2.blog.51cto.com/emailAddress=weisheng213@126.com
Getting Private key
Signature ok
subject=/C=CH/ST=BeiJing/L=Beijing/O=XHCE/OU=BJXH/CN=http://yuan2.blog.51cto.com/emailAddress=weisheng213@126.com
Getting Private key
# vi ../conf.d/ssl.conf //編輯mod_ssl的主配置檔案將
#DocumentRoot "/var/www/html" 前面的#號去掉
# service httpd restart //重啟apache伺服器以讀取新的證書資訊
在客戶端輸入伺服器的地址測試得到下面的資訊:
點選檢視證書得到面結果:
安裝好證書就可以實現安全HTTP了!
相關文章
- https學習,resin下配置httpsHTTP
- rhel4的ftp的配置FTP
- centos nginx下配置免費httpsCentOSNginxHTTP
- tomcat下配置https環境TomcatHTTP
- 配置rhel4的raw device servicedev
- Mac下配置Apache Httpd的Https/SSLMacApachehttpd
- HTTPS訪問:weblogic下配置SSLHTTPWeb
- windows下用nginx配置https伺服器WindowsNginxHTTP伺服器
- Tomcat (1) —— Mac下配置Tomcat Https/SSLTomcatMacHTTP
- gogs配置httpsGoHTTP
- express 配置httpsExpressHTTP
- Nginx配置HTTPSNginxHTTP
- mac環境下配置nginx反向代理,https協議MacNginxHTTP協議
- Centos6.3下Apache配置https證書訪問CentOSApacheHTTP
- 配置rhel4的rdate時間同步服務
- 二、Nginx 配置 httpsNginxHTTP
- weblogic配置httpsWebHTTP
- Tomcat配置HTTPSTomcatHTTP
- 為solr配置HttpsSolrHTTP
- 配置https協議HTTP協議
- oracle asmlib 新的下載地址 for rhel4OracleASM
- 配置HTTPS伺服器HTTP伺服器
- Nginx 配置https證書NginxHTTP
- springboot 配置 httpsSpring BootHTTP
- Nginx配置Https專案NginxHTTP
- 如何配置https站點HTTP
- Charles配置https抓包HTTP
- 全站HTTPS升級系列(三)nginx配置全站HTTPSHTTPNginx
- 使用openssl在windows 10下本地xampp配置https開發環境WindowsHTTP開發環境
- Ubuntu下為Apache簡單配置SSL的方法(HTTPS的實現)UbuntuApacheHTTP
- Nginx使用SSL模組配置httpsNginxHTTP
- HTTPS的SSL證書配置HTTP
- nginx docker容器配置https(ssl)NginxDockerHTTP
- nginx+php-fpm配置HTTPSNginxPHPHTTP
- Nginx如何配置HTTPS詳解NginxHTTP
- phpstudy apache 配置 https 證照PHPApacheHTTP
- Homestead 站點如何配置 httpsHTTP
- nginx 專案配置 https 訪問NginxHTTP