Apache-2.4+Tomcat-7+SSL +VirtualHost+自签发证书安装测试
一、安装依懒软件包
1、安装apr软件包
# wget -c http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/apr-1.5.2.tar.bz2
#tar -jxvf apr-1.5.2.tar.bz2
#cd apr-1.5.2
# ./configure --prefix=/usr/
#make
# make install
2、安装apr-util软件包
# wget http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/apr-util-1.5.4.tar.bz2
#tar -jxvf apr-util-1.5.4.tar.bz2
#cd apr-util-1.5.4
#cd /usr/local/src/apr-util-1.5.4
#./configure --prefix=/usr/ --with-apr=/usr/
#make
#make install
3、安装pcre软件包
#wget -c http://sourceforge.net/projects/pcre/files/pcre/8.37/pcre-8.37.tar.bz2/download
# tar -jxvf pcre-8.37.tar.bz2
#cd pcre-8.37
# ./configure --prefix=/usr/local/
#make
#make install
二、安装Apache软件包
#wget -c http://apache.fayea.com//httpd/httpd-2.4.16.tar.bz2
#cd httpd-2.4.16
#./configure --prefix=/usr/local/apache-2.4 --enable-modules=all --enable-mods-shared=all --enable-ssl
#make
#make install
三、开启ssl支持
1、修改vi httpd.conf 开启
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-ssl.conf
四、生成自签发证书:
# cd /usr/local/apache-2.4/conf/
#openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout server.key -out server.crt
#根据实际情况填写国家、组织、地区、公司名生成自签发证书
五、启动Aapche软件测试。。
#/usr/local/apache-2.4/bin/apachectl start
https://访问, 注意防火墙开启443端口
六、Apache+Tomcat-7 联配
1、 安装JDK 略
# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-7/v7.0.64/bin/apache-tomcat-7.0.64.tar.gz
# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.41-src.tar.gz
2、安装Tomcat
# tar -zxvf apache-tomcat-7.0.64.tar.gz
# ln -s tomcat apache-tomcat-7.0.64
3、安装tomcat-connectors模块
# tar -zxvf tomcat-connectors-1.2.41-src.tar.gz
# cd tomcat-connectors-1.2.41-src
# ./ buildconf.sh
# ./configure --with-apxs=/usr/local/apache-2.4/bin/apxs --with-tomcat=/usr/local/tomcat --with-java-home=/usr/local/jdk --with-jni
#make
#make install
七、开启mod_jk模块
修改vi httpd.conf最后添加如下 开启 mod_jk module 支持
# Load mod_jk module
LoadModule jk_module modules/mod_jk.so
# Where to find workers.properties
JkWorkersFile /usr/local/apache/conf/workers.proferties
# Where to put jk logs
JkLogFile /usr/local/apache/logs/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"
# JkOptions indicate to send SSL KEY SIZE,
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
# Send servlet for context /examples to worker named worker1
#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1
# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1
八、新建 workers.proferties 文件
[root@localhost conf]# more workers.proferties
workers.tomcat_home=/usr/local/tomcat
workers.java_home=/usr/local/jdk
ps=/
worker.list=worker1
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker1.connection_pool_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.lbfactor=1
worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
[root@localhost conf]#
九、Apache+Tomcat+SSL+虚拟主机:
1、修改: httpd-ssl.conf 添加如下虚拟主机
# General setup for the virtual host
DocumentRoot "/www/clients/aaa.com/htdocs"
ServerName www.aaa.com:443
ServerAdmin you@example.com
ErrorLog "/www/clients/aaa.com/logs/error_log"
TransferLog "/www/clients/aaa.com/logs/access_log"
Options -Indexes +FollowSymlinks
AllowOverride All
Require all granted
DirectoryIndex login.jsp index.jsp
#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1
# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile "/usr/local/apache-2.4/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache-2.4/conf/server.key"
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/usr/local/apache-2.4/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
# General setup for the virtual host
DocumentRoot "/www/clients/bbb.com/htdocs"
ServerName www.bbb.com:443
ServerAdmin you@example.com
ErrorLog "/www/clients/bbb.com/logs/error_log"
TransferLog "/www/clients/bbb.com/logs/access_log"
Options -Indexes +FollowSymlinks
AllowOverride All
Require all granted
DirectoryIndex login.jsp index.jsp
#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1
# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile "/usr/local/apache-2.4/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache-2.4/conf/server.key"
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/usr/local/apache-2.4/logs/ssl_requbbest_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
十、添加Tomcat虚拟主机:
1、修改:Tomcat的配置文件 server.xml 添加如下:
pattern="%h %l %u %t "%r" %s %b" />
pattern="%h %l %u %t "%r" %s %b" />
十一、编写测试页面:
[root@localhost htdocs]# pwd
/www/clients/aaa.com/htdocs
[root@localhost htdocs]# more index.jsp
Hello wwww.aaa.com World! ");%>
[root@localhost htdocs]#
[root@localhost htdocs]# pwd
/www/clients/bbb.com/htdocs
[root@localhost htdocs]# more index.jsp
Hello wwww.bbb.com World! ");%>
[root@localhost htdocs]#
十二、启动: apache、tomcat进行测试
# /usr/local/apache/bin/apachectl start
# /usr/local/tomcat/bin/startup.sh
2、修改本机主机hosts 测试
https://www.aaa.com
https://www.bbb.com
附:优化Tomcat参数:修改:catalina.sh文件 增加如下红色字
# Set juli LogManager config file if it is present and an override has not been issued
if [ -z "$LOGGING_CONFIG" ]; then
if [ -r "$CATALINA_BASE"/conf/logging.properties ]; then
LOGGING_CONFIG="-Djava.util.logging.config.file=$CATALINA_BASE/conf/logging.properties"
else
# Bugzilla 45585
LOGGING_CONFIG="-Dnop"
fi
fi
JAVA_OPTS="-server -Xms256m -Xmx2048m -XX:PermSize=64M -XX:MaxNewSize=256m -XX:MaxPermSize=512m "
Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Roblox: Grow A Garden - Complete Mutation Guide
3 weeks agoByDDD
Roblox: Bubble Gum Simulator Infinity - How To Get And Use Royal Keys
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
How to fix KB5055612 fails to install in Windows 10?
3 weeks agoByDDD
Nordhold: Fusion System, Explained
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Mandragora: Whispers Of The Witch Tree - How To Unlock The Grappling Hook
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Hot Tools
SublimeText3 English version
Recommended: Win version, supports code prompts!
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Dreamweaver CS6
Visual web development tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Mac version
God-level code editing software (SublimeText3)
