讓apache支援https的設定步驟
阿新 • • 發佈:2019-01-31
總體分兩步:一、生成SSL證書;二、設定Apache的SSL配置
1. 安裝openssl
yum install mod_ssl openssl
2. 生成自簽名的證書
#Generate private key openssl genrsa -out ca.key 2048 #Generate CSR Certificate Signing Request openssl req -new -key ca.key -out ca.csr #Generate Self Signed Certificate openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
3. 證書放到規範的目錄中
#Copy the files to the correct locations
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr
4. 修改Apache的SSL配置
Edit the Apache SSL configuration file /etc/httpd/conf.d/ssl.conf.
Change the paths to match where the Keyfile is stored.
SSLCertificateFile /etc/pki/tls/certs/ca.crt
Then set the correct path for theCertificate Key File a few lines below.
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
Quit and save the file.
5. 重啟Apache
service httpd restart
All being well you should now be ableto connect over https to your server. As the certificate is self signedbrowsers will generally ask you whether you want to accept the certificate.