Apache-2.4+Tomcat-7+SSL +VirtualHost+自签发证书安装测试
一、安装依懒软件包
1、安装apr软件包
# wget -c http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/apr-1.5.2.tar.bz2
#tar -jxvf apr-1.5.2.tar.bz2
#cd apr-1.5.2
# ./configure --prefix=/usr/
#make
# make install
2、安装apr-util软件包
# wget http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/apr-util-1.5.4.tar.bz2
#tar -jxvf apr-util-1.5.4.tar.bz2
#cd apr-util-1.5.4
#cd /usr/local/src/apr-util-1.5.4
#./configure --prefix=/usr/ --with-apr=/usr/
#make
#make install
3、安装pcre软件包
#wget -c http://sourceforge.net/projects/pcre/files/pcre/8.37/pcre-8.37.tar.bz2/download
# tar -jxvf pcre-8.37.tar.bz2
#cd pcre-8.37
# ./configure --prefix=/usr/local/
#make
#make install
二、安装Apache软件包
#wget -c http://apache.fayea.com//httpd/httpd-2.4.16.tar.bz2
#cd httpd-2.4.16
#./configure --prefix=/usr/local/apache-2.4 --enable-modules=all --enable-mods-shared=all --enable-ssl
#make
#make install
三、开启ssl支持
1、修改vi httpd.conf 开启
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-ssl.conf
四、生成自签发证书:
# cd /usr/local/apache-2.4/conf/
#openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout server.key -out server.crt
#根据实际情况填写国家、组织、地区、公司名生成自签发证书
五、启动Aapche软件测试。。
#/usr/local/apache-2.4/bin/apachectl start
https://访问, 注意防火墙开启443端口
六、Apache+Tomcat-7 联配
1、 安装JDK 略
# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-7/v7.0.64/bin/apache-tomcat-7.0.64.tar.gz
# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.41-src.tar.gz
2、安装Tomcat
# tar -zxvf apache-tomcat-7.0.64.tar.gz
# ln -s tomcat apache-tomcat-7.0.64
3、安装tomcat-connectors模块
# tar -zxvf tomcat-connectors-1.2.41-src.tar.gz
# cd tomcat-connectors-1.2.41-src
# ./ buildconf.sh
# ./configure --with-apxs=/usr/local/apache-2.4/bin/apxs --with-tomcat=/usr/local/tomcat --with-java-home=/usr/local/jdk --with-jni
#make
#make install
七、开启mod_jk模块
修改vi httpd.conf最后添加如下 开启 mod_jk module 支持
# Load mod_jk module
LoadModule jk_module modules/mod_jk.so
# Where to find workers.properties
JkWorkersFile /usr/local/apache/conf/workers.proferties
# Where to put jk logs
JkLogFile /usr/local/apache/logs/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"
# JkOptions indicate to send SSL KEY SIZE,
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
# Send servlet for context /examples to worker named worker1
#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1
# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1
八、新建 workers.proferties 文件
[root@localhost conf]# more workers.proferties
workers.tomcat_home=/usr/local/tomcat
workers.java_home=/usr/local/jdk
ps=/
worker.list=worker1
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker1.connection_pool_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.lbfactor=1
worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
[root@localhost conf]#
九、Apache+Tomcat+SSL+虚拟主机:
1、修改: httpd-ssl.conf 添加如下虚拟主机
# General setup for the virtual host
DocumentRoot "/www/clients/aaa.com/htdocs"
ServerName www.aaa.com:443
ServerAdmin you@example.com
ErrorLog "/www/clients/aaa.com/logs/error_log"
TransferLog "/www/clients/aaa.com/logs/access_log"
Options -Indexes +FollowSymlinks
AllowOverride All
Require all granted
DirectoryIndex login.jsp index.jsp
#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1
# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile "/usr/local/apache-2.4/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache-2.4/conf/server.key"
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/usr/local/apache-2.4/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
# General setup for the virtual host
DocumentRoot "/www/clients/bbb.com/htdocs"
ServerName www.bbb.com:443
ServerAdmin you@example.com
ErrorLog "/www/clients/bbb.com/logs/error_log"
TransferLog "/www/clients/bbb.com/logs/access_log"
Options -Indexes +FollowSymlinks
AllowOverride All
Require all granted
DirectoryIndex login.jsp index.jsp
#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1
# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile "/usr/local/apache-2.4/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache-2.4/conf/server.key"
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/usr/local/apache-2.4/logs/ssl_requbbest_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
十、添加Tomcat虚拟主机:
1、修改:Tomcat的配置文件 server.xml 添加如下:
pattern="%h %l %u %t "%r" %s %b" />
pattern="%h %l %u %t "%r" %s %b" />
十一、编写测试页面:
[root@localhost htdocs]# pwd
/www/clients/aaa.com/htdocs
[root@localhost htdocs]# more index.jsp
Hello wwww.aaa.com World! ");%>
[root@localhost htdocs]#
[root@localhost htdocs]# pwd
/www/clients/bbb.com/htdocs
[root@localhost htdocs]# more index.jsp
Hello wwww.bbb.com World! ");%>
[root@localhost htdocs]#
十二、启动: apache、tomcat进行测试
# /usr/local/apache/bin/apachectl start
# /usr/local/tomcat/bin/startup.sh
2、修改本机主机hosts 测试
https://www.aaa.com
https://www.bbb.com
附:优化Tomcat参数:修改:catalina.sh文件 增加如下红色字
# Set juli LogManager config file if it is present and an override has not been issued
if [ -z "$LOGGING_CONFIG" ]; then
if [ -r "$CATALINA_BASE"/conf/logging.properties ]; then
LOGGING_CONFIG="-Djava.util.logging.config.file=$CATALINA_BASE/conf/logging.properties"
else
# Bugzilla 45585
LOGGING_CONFIG="-Dnop"
fi
fi
JAVA_OPTS="-server -Xms256m -Xmx2048m -XX:PermSize=64M -XX:MaxNewSize=256m -XX:MaxPermSize=512m "
声明
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系admin@php.cn
热AI工具
Undresser.AI Undress
人工智能驱动的应用程序,用于创建逼真的裸体照片
AI Clothes Remover
用于从照片中去除衣服的在线人工智能工具。
Undress AI Tool
免费脱衣服图片
Clothoff.io
AI脱衣机
AI Hentai Generator
免费生成ai无尽的。
热门文章
R.E.P.O.能量晶体解释及其做什么(黄色晶体)
3 周前By尊渡假赌尊渡假赌尊渡假赌
R.E.P.O.最佳图形设置
3 周前By尊渡假赌尊渡假赌尊渡假赌
刺客信条阴影:贝壳谜语解决方案
2 周前ByDDD
R.E.P.O.如果您听不到任何人,如何修复音频
3 周前By尊渡假赌尊渡假赌尊渡假赌
WWE 2K25:如何解锁Myrise中的所有内容
3 周前By尊渡假赌尊渡假赌尊渡假赌
热工具
mPDF
mPDF是一个PHP库,可以从UTF-8编码的HTML生成PDF文件。原作者Ian Back编写mPDF以从他的网站上“即时”输出PDF文件,并处理不同的语言。与原始脚本如HTML2FPDF相比,它的速度较慢,并且在使用Unicode字体时生成的文件较大,但支持CSS样式等,并进行了大量增强。支持几乎所有语言,包括RTL(阿拉伯语和希伯来语)和CJK(中日韩)。支持嵌套的块级元素(如P、DIV),
DVWA
Damn Vulnerable Web App (DVWA) 是一个PHP/MySQL的Web应用程序,非常容易受到攻击。它的主要目标是成为安全专业人员在合法环境中测试自己的技能和工具的辅助工具,帮助Web开发人员更好地理解保护Web应用程序的过程,并帮助教师/学生在课堂环境中教授/学习Web应用程序安全。DVWA的目标是通过简单直接的界面练习一些最常见的Web漏洞,难度各不相同。请注意,该软件中
SecLists
SecLists是最终安全测试人员的伙伴。它是一个包含各种类型列表的集合,这些列表在安全评估过程中经常使用,都在一个地方。SecLists通过方便地提供安全测试人员可能需要的所有列表,帮助提高安全测试的效率和生产力。列表类型包括用户名、密码、URL、模糊测试有效载荷、敏感数据模式、Web shell等等。测试人员只需将此存储库拉到新的测试机上,他就可以访问到所需的每种类型的列表。
记事本++7.3.1
好用且免费的代码编辑器
MinGW - 适用于 Windows 的极简 GNU
这个项目正在迁移到osdn.net/projects/mingw的过程中,你可以继续在那里关注我们。MinGW:GNU编译器集合(GCC)的本地Windows移植版本,可自由分发的导入库和用于构建本地Windows应用程序的头文件;包括对MSVC运行时的扩展,以支持C99功能。MinGW的所有软件都可以在64位Windows平台上运行。
