Heim >Backend-Entwicklung >PHP-Tutorial >怎么配置apache使用https访问
配置apache使用https访问的方法:
准备
yum install mod_ssl openssl
生成一个自签名证书
cd /etc/pki/CA
1.生成2048位的加密私钥
openssl genrsa -out server.key 2048
2.生成证书签名请求
openssl req -new -key server.key -out server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:beijing Locality Name (eg, city) [Default City]:beijing Organization Name (eg, company) [Default Company Ltd]:test.com Organizational Unit Name (eg, section) []:test Common Name (eg, your name or your server's hostname) []:test.com Email Address []:test@qq.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:123456 An optional company name []:test
3.生成类型为X509的自签名证书(有效期36500天)
openssl x509 -req -days 36500 -in server.csr -signkey server.key -out server.crt
3.配置Apache服务
vim /etc/httpd/conf.d/ssl.conf
1.修改下面的内容
SSLCertificateFile /etc/pki/CA/server.crt SSLCertificateKeyFile /etc/pki/CA/server.key
2.重启Apache
/etc/init.d/httpd restart
4.调整虚拟主机
cd /etc/httpd/conf.d vim test.conf
添加以下内容
NameVirtualHost *:443 <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/pki/CA/server.crt SSLCertificateKeyFile /etc/pki/CA/server.key <Directory /var/www/html/> AllowOverride All </Directory> ServerAdmin email@example.com DocumentRoot /var/www/html/ ServerName www.test.com </VirtualHost>
5.测试访问
1.因为域名只是一个测试的,所以需要再Windows下绑定hosts,自定绑定
2.访问测试
https://Ip
更多相关知识,请访问PHP中文网!