rhel5.5_Apache配置openssl支持https服务
《rhel5.5_Apache配置openssl支持https服務》
1:切換到openssl證書目錄:
# cd /etc/pki/tls/certs
2:創建私鑰:
# make server.key
umask 77 ; \
??? /usr/bin/openssl genrsa -des3 1024 > server.key
Generating RSA private key, 1024 bit long modulus
.++++++
...++++++
e is 65537 (0x10001)
Enter pass phrase:? 123456
Verifying - Enter pass phrase:? 123456
3:重寫私鑰,清除密碼,讓httpd啟動時不必輸入密碼
# openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: 123456
writing RSA key
4:證書簽發請求(Certificate Signing Request) (CSR)
# make server.csr
umask 77 ; \
??? /usr/bin/openssl req -utf8 -new -key server.key -out server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ’.’, the field will be left blank.
-----
Country Name (2 letter code) [GB]:cn
State or Province Name (full name) [Berkshire]:fujian
Locality Name (eg, city) [Newbury]:xiamen
Organization Name (eg, company) [My Company Ltd]:xmu
Organizational Unit Name (eg, section) []:eda
Common Name (eg, your name or your server’s hostname) []:192.168.1.105???? (注: 此處應與httpd.conf中的ServerName一致, 否則提示證書錯誤)
Email Address []:clough@eda.com
Please enter the following ’extra’ attributes
to be sent with your certificate request
A challenge password []:cliff
An optional company name []:xmu
5:給自己創建CA并簽名
# openssl x509 -in server.csr -req -signkey server.key -days 365 -out server.crt
Signature ok
subject=/C=cn/ST=fujian/L=xiamen/O=lexie/OU=lexie/CN=192.168.1.105/emailAddress=clough@sohu.com
Getting Private key
6:調整/etc/httpd/conf.d/ssl.conf正確引用上面創建的證書。
# vi /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/certs/server.key
7: 啟動服務
# service httpd restart
8: 如此尚不能同時支持http和https, 待補充.
?
總結
以上是生活随笔為你收集整理的rhel5.5_Apache配置openssl支持https服务的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: rhel5.5安装vsftpd并配置虚拟
- 下一篇: virtualbox4 剪贴板(共享粘贴