• Apache 搭建HTTPS Virtual Host


    Apache 搭建HTTPS Virtual Host

    1.创建SSL证书

    首先需要安装openssl,linux系统默认已安装,如没有则用以下命令安装:

    sudo apt-get install openssl
    sudo apt-get install libssl-dev
    创建证书:

    cd /etc/ssl/private
    sudo openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crt
    参数说明:

    -x509 显示证书和签名工具

    -days 证书的有效期

    -sha1 证书加密算法

    -newkey rsa:1024 创建一个新key,1024表示公钥长度为1024bits

    命令执行完会创建demo.key与demo.crt

    更多参数说明可以参考:http://www.openssl.org/docs/apps/openssl.html


    创建步骤:

    root@ubuntu:/etc/ssl/private# sudo openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crt
    Generating a 1024 bit RSA private key
    .......++++++
    ...........++++++
    writing new private key to 'demo.key'
    -----
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [AU]:CN
    State or Province Name (full name) [Some-State]:GD
    Locality Name (eg, city) []:GZ
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:fdipzone.Ltd
    Organizational Unit Name (eg, section) []:test         
    Common Name (eg, YOUR name) []:demo.fdipzone.com
    Email Address []:fdipzone@gmail.com
    root@ubuntu:/etc/ssl/private# 
    需要填写的项目:

    Country Name (2 letter code) [AU]: 国家
    State or Province Name (full name) [Some-State]:省份
    Locality Name (eg, city) []:城市
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:公司名称
    Organizational Unit Name (eg, section) []: 组织单位名称  
    Common Name (eg, YOUR name) []: 填写域名
    Email Address []:电邮地址


    2.创建Virtual Host

    <VirtualHost *:443>
        DocumentRoot /home/fdipzone/demo
        ServerName demo.fdipzone.com
    
        <Directory "/home/fdipzone/demo">
        allow from all
        AllowOverride all
        Options -Indexes FollowSymLinks
        </Directory>
    
        SSLEngine on
        SSLCertificateFile /etc/ssl/private/demo.crt
        SSLCertificateKeyFile /etc/ssl/private/demo.key
        SSLCipherSuite AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
        SSLHonorCipherOrder on
    </VirtualHost>

    开启SSL Engine及设置使用的证书,端口443
    SSLEngine on
    SSLCertificateFile /etc/ssl/private/demo.crt           
    SSLCertificateKeyFile /etc/ssl/private/demo.key




  • 相关阅读:
    「ZJOI2019」&「十二省联考 2019」题解索引
    jmeter测试20个QPS下的响应时间-设置QPS限制
    Postman的基础使用
    Selenium如何定位动态id的元素?
    python+selenium:iframe框架中多种定位
    关于正则表达式
    项目关键路径
    paycharm导入webdriver包报错:module 'selenium.webdriver' has no attribute 'Firefox'
    随着firefox的迭代更新:FireBug不能用了?使用火狐Try Xpath插件替代Firebug和Firepath
    Python——连接操作数据库
  • 原文地址:https://www.cnblogs.com/fdipzone/p/3715057.html
Copyright © 2020-2023  润新知