上善若水,不浮不沉!
分类: LINUX
2013-02-16 15:34:12
1、检查是否安装了openssl
rpm -qa | grep -i "ssl"
openssl-devel-0.9.8e-12.el5_4.6
openssl-0.9.8e-12.el5_4.6
openssl-0.9.8e-12.el5_4.6
openssl-devel-0.9.8e-12.el5_4.6
mod_ssl-2.2.3-76.el5.centos
2、安装apache并支持ssl
./configure --prefix=/usr/local/http2 --enable-ssl
Makle
Make install
3、创建私钥
openssl genrsa -out server.key 1024
4、用私钥server.key文件生成证书签署请求CSR
openssl req -new -key server.key -out server.csr
此步骤需要输入一些证书信息,解释如下:
Country Name (2 letter code) [GB]:【在此输入两个字符的国家名。中国的为CN 】
State or Province Name (full name) [Berkshire]:【省份名称,如北京为beijing 】
Locality Name (eg, city) [Newbury]:【城市名称,如beijing】
Organization Name (eg, company) [My Company Ltd]:【公司名称】
Organizational Unit Name (eg, section) []:【部门名称】
Common Name (eg, your name or your server's hostname) []:【姓名,通常即证书名】
Email []:【电子邮箱地址】
随后会要求输入一个challenge password(密码),无需输入,后面一律直接回车即可。
5、生成证书CRT文件
openssl x509 -days 3650 -req -in server.csr -signkey server.key -out server.crt
6、将生成的证书文件(server.crt、server.key)拷贝到/usr/local/http2/conf下
7、修改apache配置文件,进入/usr/local/http2/conf
vi httpd.conf
注销 80端口
# Listen 80
去掉下面的#
#Include conf/extra/httpd-ssl.conf
注:ssl的配置文件为/usr/local/http2/conf/extra/httpd-ssl.conf
huodiewj2014-08-08 08:27:48
/usr/lib/libexpat.so: could not read symbols解决方法:
1)最直接的方法:
cp /usr/lib64/libexpat.* /usr/lib/
(将/usr/lib64/目录下的 libexpat.a、libexpat.la libexpat.so 文件拷贝到/usr/lib/目录)
cp覆盖以后,make就可以了
2)另一种设置configure的办法是,将configure更改为:
./configure –enable-lib64 -libdir=/usr/lib64 –enable-ssl –with-ssl=/usr/local/ssl –enable-module=so –prefix=/usr/local/apache
huodiewj2014-02-19 17:11:36
问题:
[root@dfa ~]# rpm -ivh /media/Server/mod_ssl-2.2.3-31.el5.i386.rpm
warning: /media/Server/mod_ssl-2.2.3-31.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
libdistcache.so.1 is needed by mod_ssl-2.2.3-31.el5.i386
libnal.so.1 is needed by mod_ssl-2.2.3-31.el5.i386
可以看到报错了, 依赖libdistcache.so.1和libnal.so.
