rhel7 http實例2

前面的配置請參考 http://4708948.blog.51cto.com/4698948/1702486

客戶機(jī)

[root@desktop0 conf.d]# curl https://server0:443

curl: (60) Peer's certificate issuer has been marked as not trusted by the user.

More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"

of Certificate Authority (CA) public keys (CA certs). If the default

bundle file isn't adequate, you can specify an alternate file

using the --cacert option.

If this HTTPS server uses a certificate signed by a CA represented in

the bundle, the certificate verification probably failed due to a

problem with the certificate (it might be expired, or the name might

not match the domain name in the URL).

If you'd like to turn off curl's verification of the certificate, use

the -k (or --insecure) option.

第十五題 虛擬主機(jī)

搭建一臺虛擬主機(jī)使用域名www.server0.example.com（域名解析已由server.domain0.example.com上做好）該服務(wù)器的家目錄在/var/www/virtual。頁面文件從http://server.domain0.example.com/pub/html/www8.html下載到/var/www/html/virtual下，更名為index.html，網(wǎng)頁內(nèi)容請勿修改，要求原物理主機(jī)可以繼續(xù)訪問

服務(wù)器

[root@server0 conf.d]# cd /var/www/

[root@server0 www]# mkdir virtual

[root@server0 www]# cd virtual/

[root@server0 virtual]# vim index.html

[root@server0 virtual]# cat index.html

151515151515151515151515151515

[root@server0 virtual]# vim /etc/httpd/conf.d/hrr.conf

<VirtualHost *:80>

DocumentRoot "/var/www/virtual/"

ServerName www.server0.example.com

ErrorLog "/var/log/httpd/www.server0.example.com-error_log"

CustomLog "/var/log/httpd/www.server0.example.com-access_log" common

</VirtualHost>

[root@server0 virtual]# systemctl restart httpd

客戶機(jī)

[root@desktop0 conf.d]# vim /etc/hosts

[root@desktop0 conf.d]# curl http://www.server0.example.com

151515151515151515151515151515

[root@desktop0 conf.d]# cat /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

172.25.0.11 www.server0.example.com

172.25.254.254 cla***oom.example.com

172.25.254.254 content.example.com

[root@desktop0 conf.d]#

第十七題 http訪問權(quán)限

在www.server0.example.com網(wǎng)站的根目錄創(chuàng)建restricted目錄。下載ftp://cla***oom.example.com/pub/html/restricted0.html到restricted目錄,改為index.html，請不要修改該文件的內(nèi)容。要求僅desktop0主機(jī)才能訪問到該頁面。其他主機(jī)拒絕訪問。

服務(wù)器

[root@server0 conf.d]# vim hrr.conf

[root@server0 conf.d]# systemctl restart httpd

客戶機(jī)1

[root@desktop0 conf.d]# ifconfig

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 172.25.0.10 netmask 255.255.255.0 broadcast 172.25.0.255

[root@desktop0 conf.d]# curl http://www.server0.example.com/restricted/

desktop0 only

[root@desktop0 conf.d]#

客戶機(jī)2

[root@foundation0 images]# ifconfig

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 172.25.254.250 netmask 255.255.255.0 broadcast 172.25.254.255

[root@foundation0 images]# cat /etc/hosts

172.25.0.11 www.server0.example.com

[root@foundation0 images]# curl http://www.server0.example.com/

151515151515151515151515151515

[root@foundation0 images]# curl http://www.server0.example.com/restricted/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>403 Forbidden</title>

</head><body>

<h1>Forbidden</h1>

You don't have permission to access /restricted/

on this server.

</body></html>

[root@foundation0 images]#

題目12

配置WEB站點

Server上配置一個站點http://server0.example.com然后執(zhí)行下述步驟：

從ftp://172.25.254.250/pub/RHCE/12.html下載文件，并且將文件重命名index.html不要修改此文件的內(nèi)容

將文件index.html拷貝到您的web服務(wù)器的dosumentroot目錄下

來自于example.com域的客戶端可以訪問此WEB服務(wù)

來自于deny.com域 的客戶端拒絕訪問此WEB服務(wù)

服務(wù)器

Yum y install http*

cd /etc/httpd/conf.d/

cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf hrr.conf

vim hrr.conf

Systemctl enable httpd

Systemctl start httpd

firewall-config

然后直接關(guān)掉

[root@server0 html]# firewall-cmd --reload

success

[root@server0 html]# firewall-cmd --list-all --zone=public

public (default, active)

interfaces: eth0 eth1 eth2 team0

sources:

services: dhcpv6-client http nfs ssh

ports: 139/tcp 138/tcp 445/tcp 80/tcp 5423/tcp 137/tcp

masquerade: no

forward-ports: port=5423:proto=tcp:toport=80:toaddr=

icmp-blocks:

rich rules:

rule family="ipv4" destination address="172.25.0.0/24" service name="http" accept

rule family="ipv4" destination address="172.25.1.0/24" service name="http" reject

cd /var/www/html/

vim index.html

12

客戶端

[root@desktop0 ~]# curl http://server0

12

[root@desktop0 ~]#

題目13配置安全WEB服務(wù)

為站點http://server0.example.com配置TLS加密一個已簽名證書從http://cla***oom.example.com/pub/tls/certs/www0.crt獲取，此證書的密鑰從http://cla***oom.example.com/pub/tls/private/www0.key獲取，此證書的簽名授權(quán)信息從http://cla***oom.example.com/pub/example-ca.crt獲取（在教室中才有這些證書）

題目14

配置虛擬主機(jī)

在server0上擴(kuò)展您的web服務(wù)器，為站點

http://14.example.com創(chuàng)建了個虛擬主機(jī)，然后執(zhí)行下述步驟：

A設(shè)置docume

轉(zhuǎn)載于:https://blog.51cto.com/4708948/1702487

總結(jié)

以上是生活随笔為你收集整理的rhel7 http实例2的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。