分类: BSD
2009-02-18 14:32:46
|
1、我的Freebsd6.2上已经安装好apache22,今天想使apache支持https协议,把所做的事情记录下来。
2、设置启动 #echo 'apache2_enable="YES"' >> /etc/rc.conf #echo ‘apache22ssl_enable="YES"' >> /etc/rc.conf 3,编辑/usr/local/etc/apache22/httpd.conf
在最后边加上支持:Include etc/apache22/extra/httpd-ssl.conf
然后编辑:/usr/local/etc/apache22/extra/httpd-ssl.conf 修改虚拟机路径:
# General setup for the virtual host
DocumentRoot "/usr/local/www/test" ServerName ServerAdmin ErrorLog "/var/log/httpd-error.log" TransferLog "/var/log/httpd-access.log" 和以下两个位置为你存放证书路径: SSLCertificateFile "/usr/local/etc/apache22/ssl.key/server.crt"
SSLCertificateKeyFile "/usr/local/etc/apache22/ssl.key/server.key"
4、配置mod_ssl 生成证书
#openssl genrsa -des3 -out server.key 1024 #openssl rsa -in server.key -out server.key (*从密钥中删除密码,以避免系统启动时被询问口令) #openssl req -new -key server.key -out server.csr #openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt #mkdir /usr/local/etc/apache22ssl.key #mkdir /usr/local/etc/apache22ssl.crt #chmod 0700 /usr/local/etc/apache22/ssl.key #chmod 0700 /usr/local/etc/apache22/ssl.crt #cp ~/server.key /usr/local/etc/apache22/ssl.key/ #cp ~/server.crt /usr/local/etc/apache22/ssl.crt/ #chmod 0400 /usr/local/etc/apache22/ssl.key/server.key #chmod 0400 /usr/local/etc/apache22/ssl.crt/server.crt 5、启动服务器,设置完成。访问服务器时输入:https://域名(或IP),浏览器会弹出安装服务器证明书的窗口。说明服务器已经支持SSL了 |
