• <Apache服务的搭建"三件套"《目录验证》《虚拟主机》《加密证书》>


    自己没事会整理一些小知识,复习原来的同时也帮助新手。

    vvvvvvvvvvvvv开启apache目录验证vvvvvvvvvvvvvv

    htpasswd -cm uers redhat   //redhat用户是虚拟的用户uers为生成加密用户的密码文件

    # htpasswd -cm uers redhat   //第二次这样输入它会把第一次的输入覆盖掉

    [root@redhat httpd]# cat uers

    redhat:$apr1$8X/YcAoY$xlwRboAtWudU26krVPoyD1

    # htpasswd -m uers westos //少个c就不会覆盖原先的

    [root@redhat httpd]# cat uers

    redhat:$apr1$8X/YcAoY$xlwRboAtWudU26krVPoyD1

    westos:$apr1$HUl2zxD9$CI2YcuhNO68hEqch3ttMn1

    编辑Apache的配置文件

    <Directory "/var/www/html/admin">      

       AllowOverride ALL     

        authuserfile "/etc/httpd/uers"      

       authname "input your name "     

        authtype basic   

        require valid-user   //指的是所有用户

    #  require user admin  //这个指的是单个用户

       </Directory>

    测试时ip+admin(目录)

    vvvvvvvvvvvvvvapache虚拟主机的配置vvvvvvvvvvvvvvvvv

    cd /var/www //2个发布目录 

    # mkdir html1

    # cd html1/

    vim index.html

    /var/www/html

    vim index.html

    apache的配置文件

    NameVirtualHost *:80   //打开80端口

    <VirtualHost *:80>  //配置apche的配置文件  

       DocumentRoot /var/www/html  //这个是Apache默认发布目录    

    ServerName redhat.example.com    

    ErrorLog logs/redhat.example.com-error_log    

    CustomLog logs/redhat.example.com-access_log common

    </VirtualHost>

    <VirtualHost *:80>    

    DocumentRoot /var/www/html1 //这个目录和上面那个不是一个目录,看清这个是“html1”    

    ServerName www.example.com    

    ErrorLog logs/www.example.com-error_log

        CustomLog logs/www.example.com-access_log common

    </VirtualHost>

    客户端

    # vim /etc/hosts

    192.168.3.30   redhat.example.com

    192.168.3.30    www.example.com 在浏览器中分别输入redhat.example.com   www.example.com域名

    vvvvvvvvvvvvvvvvvvvvApache加密证书的制作vvvvvvvvvvvvvvvvvvvvvvvvvvv

    # yum install mod_ssl -y  //按装mod_ssl软件包

    /etc/pki/tls/private 

    # rm -rf localhost.key   //默认安装好软件包回生成一对私钥

    /etc/pki/tls/certs

      # rm -rf localhost.crt  //删除公钥

    # make localhost.crt //自己生成一对公私钥

    localhost.crt   localhost.key

    # /etc/init.d/httpd restart //重启apche服务会提示输入密码

    Enter pass phrase:

    # openssl --help

    # openssl genrsa 1024

    # openssl genrsa 1024 > localhost.key //导出私钥

    # make localhost.crt  //编辑公钥

    # /etc/init.d/httpd restart  //重启系统发现不会提示让你输入密码

    https://www.example.com/

    redhat.example.com

    https://redhat.example.com/   //发现不同的域名访问到的内容是相同的,说明虚拟主机有问题 redhat.example.com

    /etc/httpd/conf.d/  //配置ssl.conf它所使用的端口为443

    # vim ssl.conf

    NameVirtualHost *:443   //写在ssl文件中的其实就是Apache虚拟主机的内容,port由80变为443,只是多了带色的那几行,仅此而已

    <VirtualHost *:443>       

      SSLEngine on  

       SSLCertificateFile /etc/pki/tls/certs/localhost.crt  

       SSLCertificateKeyFile /etc/pki/tls/private/localhost.key  

       DocumentRoot /var/www/html  

       ServerName redhat.example.com   

      ErrorLog logs/redhat.example.com-error_log  

       CustomLog logs/redhat.example.com-access_log common

    </VirtualHost>

    <VirtualHost *:443>      

       SSLEngine on   

      SSLCertificateFile /etc/pki/tls/certs/localhost.crt

        SSLCertificateKeyFile /etc/pki/tls/private/localhost.key   

      DocumentRoot /var/www/html1   

      ServerName www.example.com   

      ErrorLog logs/www.example.com-error_log

        CustomLog logs/www.example.com-access_log common

    </VirtualHost>

    # /etc/init.d/httpd restart

    客户端测试

    https://www.example.com/

    www.example.com

    https://redhat.example.com/

    redhat.example.com

  • 相关阅读:
    java 28
    java 28
    java 27
    java 27
    java 27
    java 27
    java 27
    java 27
    java 27
    java 27
  • 原文地址:https://www.cnblogs.com/linux-super-meng/p/3782621.html
Copyright © 2020-2023  润新知