美文网首页
搭建apache并使用自签证书实现https访问

搭建apache并使用自签证书实现https访问

作者: 华龙007 | 来源:发表于2018-05-31 13:14 被阅读0次

安装apache和需要的组件

[root@localhost ~]# yum -y install httpd

[root@localhost ~]# yum -y install mod_ssl openssl

新建html首页

[root@localhost ~]# vim /var/www/html/index.html
<h1>Test Page</h1>

启动httpd服务

[root@localhost ~]# systemctl start httpd.service

访问页面正常


图片.png

生成私钥

[root@localhost ~]# (umask 077; openssl genrsa -out /etc/pki/CA/private/cakey.pem 4096)
Generating RSA private key, 4096 bit long modulus
.................................................................++
...............................................................................................................................................++
e is 65537 (0x10001)

生成自签证书


[root@localhost ~]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem -days 3655
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Beijing
Locality Name (eg, city) [Default City]:Beijing
Organization Name (eg, company) [Default Company Ltd]:test.com
Organizational Unit Name (eg, section) []:test
Common Name (eg, your name or your server's hostname) []:www.test.com
Email Address []:root@test.com

为CA提供所需的目录及文件

[root@localhost ~]# ls /etc/pki/CA/
cacert.pem  certs  crl  newcerts  private
[root@localhost ~]# touch /etc/pki/CA/{serial,index.txt}
[root@localhost ~]# echo 01 > /etc/pki/CA/serial

修改ssl配置

[root@localhost ~]# vim /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/CA/cacert.pem
SSLCertificateKeyFile /etc/pki/CA/private/cakey.pem

重启httpd服务

[root@localhost ~]# systemctl restart httpd

现在可以用https正常访问网页,因为是自签证书,所以提示风险


图片.png 图片.png

https://www.linuxidc.com/Linux/2017-01/139684.htm

相关文章

网友评论

      本文标题:搭建apache并使用自签证书实现https访问

      本文链接:https://www.haomeiwen.com/subject/neifsftx.html

      延伸阅读

      深度阅读

      • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

      栏目导航

      热点阅读

      关于我们|服务条款|联系我们|搭建apache并使用自签证书实现https访问|投稿指南|网站地图|RSS订阅|排版工具|手机版

      提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

      Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

      备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

      本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

      所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!