99久久99久久精品免观看,国产精品久久久久国产精品,国产黄色录像视频,免费的黄色毛片,国产一区精品普通话对白,色妞妞成人在线观看,最新aⅴ福利在线观看免费

綠色資源網(wǎng):您身邊最放心的安全下載站! 最新軟件|熱門排行|軟件分類|軟件專題|廠商大全

綠色資源網(wǎng)

技術(shù)教程
您的位置:首頁(yè)服務(wù)器類Web服務(wù)器 → Centos6.3下Apache配置基于加密的認(rèn)證https加密證書訪問(wèn)

Centos6.3下Apache配置基于加密的認(rèn)證https加密證書訪問(wèn)

我要評(píng)論 2013/05/06 22:01:39 來(lái)源:綠色資源網(wǎng) 編輯:m.siawh.com [ ] 評(píng)論:0 點(diǎn)擊:479次

這里簡(jiǎn)單演示一下Apache下基于加密的認(rèn)證訪問(wèn)----https加密方式訪問(wèn)。

1.DNS解析解析情況:

[root@localhost html]# nslookup m.siawh.com

Server:         192.168.2.115

Address:        192.168.2.115#53

Name:   m.siawh.com

Address: 192.168.2.115

2.安裝Apache SSL支持模塊:# yum install -y mod_ssl (默認(rèn)yum安裝httpd是沒有安裝該模塊的,安裝后自動(dòng)生產(chǎn)/etc/httpd/conf.d/ssl.conf文件)并生成證書。

[root@localhost certs]# pwd

/etc/pki/tls/certs

[root@localhost certs]# ls

ca-bundle.crt        index.html      localhost.crt    Makefile

ca-bundle.trust.crt  localhost1.crt  make-dummy-cert

[root@localhost certs]# openssl req -utf8 -new -key ../private/localhost.key -x509 -days 3650 -out abc_com.crt

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:510510

Locality Name (eg, city) [Default City]:GZ

Organization Name (eg, company) [Default Company Ltd]:ABC.COM

Organizational Unit Name (eg, section) []:Mr.Zhang

Common Name (eg, your name or your server's hostname) []:m.siawh.com

Email Address []:root@abc.com

[root@localhost certs]#

3.配置Apache,基本配置這里不多說(shuō)了,下面是配置m.siawh.com站點(diǎn)http訪問(wèn)的情況。

[root@localhost html]# tail -n 8 /etc/httpd/conf/httpd.conf

NameVirtualhost 192.168.2.115:80

<VirtualHost m.siawh.com:80>

    ServerAdmin webmaster@dummy-host.example.com

    DocumentRoot /var/www/html

    ServerName m.siawh.com

    ErrorLog logs/dummy-host.example.com-error_log

    CustomLog logs/dummy-host.example.com-access_log common

</VirtualHost>

[root@localhost html]# tail /var/www/html/index.html                      

m.siawh.com

[root@localhost html]#

4.配置Apache支持https訪問(wèn)m.siawh.com站點(diǎn),編輯 vim /etc/httpd/conf.d/ssl.conf 文件,制定m.siawh.com站點(diǎn)https訪問(wèn)時(shí)的相關(guān)信息。添加下面配置。

<VirtualHost m.siawh.com:443>

DocumentRoot "/var/www/html/www.kuteatest.net"    #//為了顯示效果,這里的站點(diǎn)目錄不一樣,一般情況一個(gè)域名應(yīng)該指向同一目錄的。

ServerName m.siawh.com:443

ErrorLog logs/ssl_error_log

TransferLog logs/ssl_access_log

LogLevel warn

SSLEngine on

SSLProtocol all -SSLv2

SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

SSLCertificateFile /etc/pki/tls/certs/abc_com.crt

SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

<Files ~ "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

</Files>

<Directory "/var/www/cgi-bin">

    SSLOptions +StdEnvVars

</Directory>

SetEnvIf User-Agent ".*MSIE.*" \

         nokeepalive ssl-unclean-shutdown \

         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \

          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

5.重啟Apache服務(wù),測(cè)試訪問(wèn)。

測(cè)試http訪問(wèn)的結(jié)果

測(cè)試https訪問(wèn)的結(jié)果

查看證書信息和自建crt信息一致

https訪問(wèn)的最終結(jié)果

關(guān)鍵詞:Centos,Apache

閱讀本文后您有什么感想? 已有 人給出評(píng)價(jià)!

  • 0 歡迎喜歡
  • 0 白癡
  • 4 拜托
  • 0 哇
  • 0 加油
  • 1 鄙視