您现在的位置是:网站首页> 编程资料编程资料
Centos6.3下Apache配置基于加密的认证https加密证书访问_资源网
2023-12-07
104人已围观
简介 Centos6.3下Apache配置基于加密的认证https加密证书访问_资源网
这里简单演示一下Apache下基于加密的认证访问----https加密方式访问。
1.DNS解析解析情况:
[root@localhost html]# nslookup www.downcc.com
Server: 192.168.2.115
Address: 192.168.2.115#53
Name: www.downcc.com
Address: 192.168.2.115
2.安装Apache SSL支持模块:# yum install -y mod_ssl (默认yum安装httpd是没有安装该模块的,安装后自动生产/etc/httpd/conf.d/ssl.conf文件)并生成证书。
[root@localhost certs]# pwd
/etc/pki/tls/certs
[root@localhost certs]# ls
ca-bundle.crt index.html localhost.crt Makefile
ca-bundle.trust.crt localhost1.crt make-dummy-cert
[root@localhost certs]# openssl req -utf8 -new -key ../private/localhost.key -x509 -days 3650 -out abc_com.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:510510
Locality Name (eg, city) [Default City]:GZ
Organization Name (eg, company) [Default Company Ltd]:ABC.COM
Organizational Unit Name (eg, section) []:Mr.Zhang
Common Name (eg, your name or your server's hostname) []:www.downcc.com
Email Address []:root@abc.com
[root@localhost certs]#
3.配置Apache,基本配置这里不多说了,下面是配置www.downcc.com站点http访问的情况。
[root@localhost html]# tail -n 8 /etc/httpd/conf/httpd.conf
NameVirtualhost 192.168.2.115:80
ServeRadmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html
ServerName www.downcc.com
ErrorLog logs/dummy-host.example.com-error_log
CustomLog logs/dummy-host.example.com-access_log common
[root@localhost html]# tail /var/www/html/index.html
www.downcc.com
[root@localhost html]#
4.配置Apache支持https访问www.downcc.com站点,编辑 vim /etc/httpd/conf.d/ssl.conf 文件,制定www.downcc.com站点https访问时的相关信息。添加下面配置。
DocumentRoot "/var/www/html/www.kuteatest.net" #//为了显示效果,这里的站点目录不一样,一般情况一个域名应该指向同一目录的。
ServerName www.downcc.com:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/abc_com.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
5.重启Apache服务,测试访问。
测试http访问的结果
测试https访问的结果
查看证书信息和自建crt信息一致
https访问的最终结果
相关内容
- CentOS 6.4系统下编译安装LNMP、配置PHP环境_资源网
- win2008 iis7如何取消目录的可执行权限_资源网
- Windows Server 2008 IIS 7 503错误解决方案_资源网
- APACHE支持.htaccess方法_资源网
- 爆笑西游镇压兽潮活动详细介绍_手机游戏_游戏攻略_
- 武侠Q传什么输出弟子好 输出位置介绍_手机游戏_游戏攻略_
- 幻想江湖最新紫装获得方法攻略_手机游戏_游戏攻略_
- 雷霆战机BOSS模式掉落规律分析_雷霆战机BOSS模式掉落神装技巧心得_手机游戏_游戏攻略_
- 梦想海贼王海贼世界七种武器一览_手机游戏_游戏攻略_
- 我叫mt4.0公会商店升级条件介绍说明_我叫mt4.0各级公会商店详解_手机游戏_游戏攻略_
