极乐门资源网 Design By www.ioogu.com
[root@centos5 ~]# yum -y install mod_ssl 在线安装mod_ssl
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
* base: centos.candishosting.com.cn
* updates: mirror.khlug.org
* addons: centos.candishosting.com.cn
* extras: centos.candishosting.com.cn
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package mod_ssl.i386 1:2.2.3-11.el5_2.centos.4 set to be updated
--> Processing Dependency: libdistcache.so.1 for package: mod_ssl
--> Processing Dependency: libnal.so.1 for package: mod_ssl
--> Running transaction check
---> Package distcache.i386 0:1.4.5-14.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
mod_ssl i386 1:2.2.3-11.el5_2.centos.4 updates

85 k
Installing for dependencies:
distcache i386 1.4.5-14.1 base 119 k

Transaction Summary
=============================================================================
Install 2 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 204 k
Downloading Packages:
(1/2): mod_ssl-2.2.3-11.e 100% |=========================| 85 kB 00:02
(2/2): distcache-1.4.5-14 100% |=========================| 119 kB 00:03
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: distcache ######################### [1/2]
Installing: mod_ssl ######################### [2/2]

Installed: mod_ssl.i386 1:2.2.3-11.el5_2.centos.4
Dependency Installed: distcache.i386 0:1.4.5-14.1
Complete!

[root@centos5 ~]# cd /etc/httpd/conf 进入HTTP服务器配置文件所在目录
[root@centos5 conf]# rm -rf ssl.*/server.* 删除默认或残留的服务器证书相关文件

[root@centos5 ~]# rpm -qa |grep openssl
openssl-0.9.8b-10.el5

[root@centos5 ~]# openssl genrsa -out www.yang.com.key 1024 建立服务器密钥
Generating RSA private key, 1024 bit long modulus
...........................................................++++++
.++++++
e is 65537 (0x10001)

[root@centos5 ~]# openssl req -new -key www.yang.com.key -out www.yang.com.csr 建立服务器公钥

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:OM 输入国名
State or Province Name (full name) [Berkshire]:fuzhou 输入省名
Locality Name (eg, city) [Newbury]:fou 输入城市名
Organization Name (eg, company) [My Company Ltd]:yang 输入组织名(任意)
Organizational Unit Name (eg, section) []:www 不输入,直接回车
Common Name (eg, your name or your server's hostname) []:www.yang.com 输入通称(任意)
Email Address []:admin@yang.com 输入电子邮箱地址

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: 不输入,直接回车
An optional company name []: 不输入,直接回车

[root@centos5 ~]# ls -l
total 68
-rw------- 1 root root 986 Jan 31 23:54 anaconda-ks.cfg
drwxr-xr-x 2 root root 4096 Feb 1 02:17 Desktop
-rw-r--r-- 1 root root 0 Feb 1 03:06 Finished
-rw-r--r-- 1 root root 15078 Jan 31 23:54 install.log
-rw-r--r-- 1 root root 2876 Jan 31 23:53 install.log.syslog
-rw-r--r-- 1 root root 0 Feb 1 03:06 Package
-rw-r--r-- 1 root root 0 Feb 1 03:06 Processing
-rw-r--r-- 1 root root 0 Feb 1 03:06 Running
-rw-r--r-- 1 root root 684 Feb 1 04:54 www.yang.com.csr
-rw-r--r-- 1 root root 887 Feb 1 04:52 www.yang.com.key

[root@centos5 ~]# openssl x509 -req -days 365 -in www.yang.com.csr -signkey www.yang.com.key -out www.yang.com.crt 建立服务器证书

Signature ok
subject=/C=OM/ST=fuzhou /L=fou/O=yang/OU=www/CN=www.yang.com/emailAddress=admin@ yang.com
Getting Private key

[root@centos5 ~]# ll
total 72
-rw------- 1 root root 986 Jan 31 23:54 anaconda-ks.cfg
drwxr-xr-x 2 root root 4096 Feb 1 02:17 Desktop
-rw-r--r-- 1 root root 0 Feb 1 03:06 Finished
-rw-r--r-- 1 root root 15078 Jan 31 23:54 install.log
-rw-r--r-- 1 root root 2876 Jan 31 23:53 install.log.syslog
-rw-r--r-- 1 root root 0 Feb 1 03:06 Package
-rw-r--r-- 1 root root 0 Feb 1 03:06 Processing
-rw-r--r-- 1 root root 0 Feb 1 03:06 Running
-rw-r--r-- 1 root root 920 Feb 1 04:57 www.yang.com.crt
-rw-r--r-- 1 root root 684 Feb 1 04:54 www.yang.com.csr
-rw-r--r-- 1 root root 887 Feb 1 04:52 www.yang.com.key


[root@centos5 ~]# vi /etc/httpd/conf.d/ssl.conf 修改SSL的设置文件

# When we also provide SSL we have to listen to the
# the HTTPS port in addition.
#
Listen 443

[root@centos5 ~]# /etc/rc.d/init.d/httpd restart 重启服务
Stopping httpd: [ OK ]
Starting httpd: [ OK ]

[root@centos5 ~]# netstat -ntpl |grep 443
tcp 0 0 :::443 :::* LIST

EN 10317/httpd
Centos 5下配置https服务器的方法

Centos 5下配置https服务器的方法
注:本实验以http://www.centospub.com/make/ssl.html为指导

配置SSL虚拟主机

#vi /etc/httpd/conf/httpd.conf

NameVirtualHost 192.168.0.20:443

NameVirtualHost 192.168.0.20:80
<VirtualHost IP:192.168.0.20:443>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html
ServerName www. yang.com

SSLEngine on
SSLCertificateFile /etc/httpd/conf/www.yang.com.crt
SSLCertificateKeyFile /etc/httpd/conf/www.yang.com.key

ErrorLog logs/dummy-www.yang.com-error_log
CustomLog logs/dummy-www.yang.com-access_log common
</VirtualHost>
<VirtualHost 192.168.0.20:443>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/cgi-bin/openwebmail
ServerName mail.yang.com

SSLEngine on
SSLCertificateFile /etc/httpd/conf/www.yang.com.crt
SSLCertificateKeyFile /etc/httpd/conf/www.yang.com.key

ErrorLog logs/dummy-www.yang.com-error_log
CustomLog logs/dummy-www.yang.com-access_log common
</VirtualHost>


#vi /etc/httpd/conf.d/ssl.conf 添加下面的内容

SSLEngine on
SSLCertificateFile /etc/httpd/conf/www.yang.com.crt
SSLCertificateKeyFile /etc/httpd/conf/www.yang.com.key

标签:
Centos,https

极乐门资源网 Design By www.ioogu.com
极乐门资源网 免责声明:本站文章均来自网站采集或用户投稿,网站不提供任何软件下载或自行开发的软件! 如有用户或公司发现本站内容信息存在侵权行为,请邮件告知! 858582#qq.com
极乐门资源网 Design By www.ioogu.com

评论“Centos 5下配置https服务器的方法”

暂无Centos 5下配置https服务器的方法的评论...

《魔兽世界》大逃杀!60人新游玩模式《强袭风暴》3月21日上线

暴雪近日发布了《魔兽世界》10.2.6 更新内容,新游玩模式《强袭风暴》即将于3月21 日在亚服上线,届时玩家将前往阿拉希高地展开一场 60 人大逃杀对战。

艾泽拉斯的冒险者已经征服了艾泽拉斯的大地及遥远的彼岸。他们在对抗世界上最致命的敌人时展现出过人的手腕,并且成功阻止终结宇宙等级的威胁。当他们在为即将于《魔兽世界》资料片《地心之战》中来袭的萨拉塔斯势力做战斗准备时,他们还需要在熟悉的阿拉希高地面对一个全新的敌人──那就是彼此。在《巨龙崛起》10.2.6 更新的《强袭风暴》中,玩家将会进入一个全新的海盗主题大逃杀式限时活动,其中包含极高的风险和史诗级的奖励。

《强袭风暴》不是普通的战场,作为一个独立于主游戏之外的活动,玩家可以用大逃杀的风格来体验《魔兽世界》,不分职业、不分装备(除了你在赛局中捡到的),光是技巧和战略的强弱之分就能决定出谁才是能坚持到最后的赢家。本次活动将会开放单人和双人模式,玩家在加入海盗主题的预赛大厅区域前,可以从强袭风暴角色画面新增好友。游玩游戏将可以累计名望轨迹,《巨龙崛起》和《魔兽世界:巫妖王之怒 经典版》的玩家都可以获得奖励。