apache To configure https

One 、yum install openssl and openssl-devel,httpd-devel
Two 、 Generate Certificate ( It can also be obtained from the company's certification authority ):
# Set up the server key 
openssl genrsa -des3 1024 > /usr/local/apache/conf/server.key
# Remove password from key ( To avoid being asked for a password after the system starts )
openssl rsa -in /usr/local/apache/conf/server.key > /usr/local/apache/conf/server2.key
mv /usr/local/apache/conf/server2.key /usr/local/apache/conf/server.key
# Create server key request file
openssl req -new -key /usr/local/apache/conf/server.key -out /usr/local/apache/conf/server.csr
5>openssl x509 -in /usr/local/apache/conf/server.csr -out
# Create server certificate
/usr/local/apache/conf/server.crt -req -signkey /usr/local/apache/conf/server.key -days 365
3、 ... and 、 modify Apache Configuration file for httpd.conf

open ssl modular , Without this module, you need to install the dependency package :mod_ssl, It will be installed in modules Found inside :

LoadModule ssl_module modules/mod_ssl.so

introduce ssl The configuration file , Increase support ssl:

Include conf/extra/httpd-ssl.conf( Remove the comments at the beginning of the line )
  • Start redirection ( Optional ), Using the user HTTP Access is automatically redirected to HTTPS, Directly in http.conf Finally, configure it , stay httpd.conf Add the following at the end of the file :
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/?(.*)$ https://%{SERVER_NAME}/$1 [L,R]
Four 、 Modify the encrypted file ssl.conf, adopt yum Installed httpd, stay conf.d There is... Under the catalog ssl.conf The configuration file , We need to configure one in it VirtualHost And configure certificates and keys :
LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:!RC4: <VirtualHost _default_:443> # There must be a virtual host , Only in this way can we use the jump function and use 443 Port access
DocumentRoot "/home/store/webroot"
Servername https://xxx.com/
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLCertificateFile /etc/httpd/conf/cert/xxx.com.crt
SSLCertificateKeyFile /etc/httpd/conf/cert/xxx.com.key
5、 ... and 、 restart Apache

service httpd restart

  1. Type in the browser https:// domain name perhaps domain name :443, If the two can be accessed properly , Express https Configured successfully .
  2. Type in the browser domain name , If you can jump to https Connected to the , That means the jump function is normal .
  • start-up apache We have the following problems :
Invalid command 'SSLPassPhraseDialog', perhaps misspelled or defined by a module not included in the server configuration

To apache Of bin Execute under directory ./httpd -l See if there's any mode_ssl.c, This error explains ssl Module installation failed .

terms of settlement :

  • 1、 recompile apache, add --enable-ssl --with-ssl Parameters

  • 2、 hold ssl Add the module to the compiled apache in

    First , Use whereis openssl Command acquisition lib and include The path of

[root@robot /usr/local/apache/modules]# whereis openssl
openssl: /usr/bin/openssl /usr/lib/openssl /usr/include/openssl /usr/share/man/man1/openssl.1ssl.gz

then stay apache Source code modules/ssl Under the folder , Use command /usr/sbin/apxs -i -a -D HAVE_OPENSSL=1 -I/usr/include/openssl/ -L/usr/lib/openssl/ -c *.c -lcrypto -lssl -ldl (apxs Need to install http-devel Only then , Even so , I still didn't compile it , So it's copied on other machines that have compiled this module mod_ssl.so To apache Module directory /usr/local/apache/modules)

Apache To configure HTTPS More articles about the function

  1. Linux Next Apache To configure HTTPS function

    Apache To configure HTTPS function   turn  https://www.cnblogs.com/liaojiafa/p/6028816.html One .yum install openssl and openssl-devel,ht ...

  2. Windows Up for Apache To configure HTTPS

    Windows Up for Apache To configure HTTPS   turn  https://www.cnblogs.com/tianzijiaozi/p/7582671.html   1. install OpenSSL: Windo ...

  3. Apache To configure https

    Apache To configure https I've been using Tomcat, Today, I suddenly received a task to Apache To configure https certificate , Because the applet has to use . Let's list the process for future reference . 1. First you have to have ssl certificate , No one can buy , ...

  4. Nginx Advanced configuration -https function

    Nginx Advanced configuration -https function author : Yin Zhengjie Copyright notice : Original works , Declined reprint ! Otherwise, the legal liability will be investigated . One .HTTPS working process 1>.SSL/TLS SSL(Secure Socket Lay ...

  5. mac Use apache Turn on https function , Realization ios LAN internal test ( One )

    The author tried all kinds of methods on the Internet, and finally found a way to solve a series of problems of LAN internal test , Take a note and write it down , Pro feasible measurement . One . Mr. Cheng's certificate 1. Get into apache web The root of the certificate processing command cd /Library/Web ...

  6. stay linux Under the apache To configure https agreement , Turn on ssl Connect

    Environmental Science :linux To configure https agreement , need 2 Big steps : One . Generate server certificate 1. install openssl Software yum install -y openssl mod_ssl 2. Generate server private key , Generate server ...

  7. apache To configure https( turn )

    It's mainly about windows Next apache To configure SSL In order to realize the http Convert to https SSL: SSl Is for Http Transport provides a secure protocol , Through certificate authentication to ensure that the data between the client and the web server is secure . That is to say SSL Next ...

  8. lamp And apache To configure https visit

    To configure apache Use https notes : I'm afraid that other people will have problems due to the path , First of all, let's make a statement , I am apache The installation directory is : /usr/local/httpd2.4.25, If not , Please refer to for configuration notes : For such as ...

  9. Linux Apache To configure https visit

    To configure https visit The environment is rh254 A supporting environment for the course , But the configuration steps are the same . requirement : Deploy two websites using virtual host Technology : Website 1: Bind domain name www0.example.com Directory in /srv/www ...

Random recommendation

  1. 【 turn 】 test LibreOffice SDK Development environment configuration (Windows)

    original text :http://www.aqcoder.com/blog/detail/id/7441186b-93fd-482c-b4d7-0facd1ee498d Download and install LibreOffice Home page :h ...

  2. ADO.NET Learning Series ( Two )

    This time I use ADO.NET To insert a piece of data , To database . The main use is stored procedure . I don't want to use it every time SQL The form of the text has changed , There's no progress --- First of all , I will use the database script for this exercise , post : USE maste ...

  3. Radix sorting (radix sort)

    #include<iostream> #include<ctime> #include <stdio.h> #include<cstring> #inc ...

  4. Artifact -Sublime Text 3 Code editor installation and use

    One . Software access 1. Software download address :http://www.sublimetext.com/3. 2. Register machine and Chinese download :http://files.cnblogs.com/files/1312mn/subli ...

  5. C++ Temporary object destruction time

    What does the following code output ? const char* p = string("hello temprary string").c_str(); cout << p; The following ...

  6. OpenCV Using edge extraction 、 corrosion 、 Contour for license plate location

    http://blog.csdn.net/superdont/article/details/24935383 OpenCV Using edge extraction . corrosion . Contour for license plate location 2014-05-03 21:38 67 ...

  7. Oracle Of sessions and processes The formula for calculating the number of

    Oracle Of sessions and processes The formula for calculating the number of The original author's link address :http://blog.csdn.net/zengmuansha/article/details/7581771 Ora ...

  8. Mac Pass through brew Install the specified version of nodejs

    p.p1 { margin: 0.0px 0.0px 0.0px 0.0px; font: 24.0px "PingFang SC Semibold"; color: #2c303 ...

  9. Java Programming idea ( after )

    Java Programming idea ( after ) Possession object If a program contains only a fixed number of objects with known lifetime , So this is a very simple program . Java Basic types of Libraries in : List, Set, Queue and Map --- It's called a set ...

  10. fedora arm-linux-gcc4.4.3 compile u-boot-2010.3

    Mini2440 Development board ,samsungS3C2440 chip structure u-boot Two bags : arm-linux-gcc4.4.3 u-boot-2010.3 fedora I won't support it 32 Location base , Compilation error : / ...