ssl加密

yum install mod_ssl  -y      他是一個模組

yum install  crypto-utils  -y  加密

genkey www.westos.com

vim /etc/httpd/conf.d/ssl.conf

SSLCertificateFile   /etc/pki/tls/certs/www.westos.com.crt

SSLCertificateKeyFile   /etc/pki/tls/certs/www.westos.com.key

強制轉換為https

mkdir -p /var/www/westos.com/login/html

vim /var/www/westos.com/login/html/index.html

vim  /etc/httpd/conf.d/login.conf

<VirtualHost *:443>
       SSLEngine  on
       ServerName login.westos.com
       DocumentRoot /var/www/westos.com/login/html/
       CustomLog logs/login.log combined
       SSLCertificateFile   /etc/pki/tls/certs/www.westos.com.crt
       SSLCertificateKeyFile   /etc/pki/tls/private/www.westos.com.key
</VirtualHost>
<Directory "/var/www/westos.com/login/html/">
      Require all granted
</Directory>
<VirtualHost *:80>
       ServerName login.westos.com
       RewriteEngine on
       RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>

重啟阿帕琪

其中

^(/.*)$  客戶在瀏覽器位址列中輸入的所有字元

https://  強制客戶加密訪問

%{HTTP_HOST}   客戶請求主機

$1              表示^(/.*)$的值

[redirect=301]  永久    302是臨時

測試端必須要修改  /etc/hosts      172.25.254.113  *.westos.com

對於

[redirect=301]  永久   

cat  /etc/httpd/logs/login.log      狀態304  是永久

302是臨時   狀態變為200