Enable SSL access under Apache, that is, https

The compiled command line program in OpenSSL windows:

Http://downloads.sourceforge.net/gnuwin32/openssl-0.9.8h-1-bin.zip

Lamp enables SSL

First, install the OpenSSL and Apache SSL modules and execute:

Yum install OpenSSL mod_ssl-y

The configuration method is similar to the following:

Wamp enable SSL

1. # modify the httpd. conf file
Loadmodule ssl_module modules/mod_ssl.so
Include CONF/extra/httpd-ssl.conf
# Remove "#" from the first two rows "#"
2. # modify CONF/extra/httpd-ssl.conf
Sslcertificatefile "D:/Wamp/apache2/bin/server. CRT"
Sslcertificatekeyfile "D:/Wamp/apache2/bin/server. Key"
3. # modify the file location for your certificate generation
DocumentRoot "E:/www" # modify the DocumentRoot value to be consistent with the DocumentRoot value in the httpd. conf file.
4. # solve the problem that Apache cannot be started

Set the configuration file (in the httpd-ssl.conf CONF/extra directory)

Sslmutex "file: D:/programfiles2003/Wamp/apache2/logs/ssl_mutex"

Change to 68: sslmutex default
5. # Replace all Apache paths in the httpd-ssl.conf file with your Apache path

# The configuration file has been modified.

Ii. certificate generation method

Windows --

# Run the following command in the Apache/bin directory:

OpenSSL req-config ../CONF/OpenSSL. CNF-New-out server. CSR-keyout server. pem

OpenSSL. CNF is the OpenSSL configuration file that comes with Apache and is referenced to the complete path of the file.

Enter the password twice, whatever the password, and press enter to skip the following input.

# Issuing a certificate

OpenSSL RSA-in server. pem-out server. Key

Enter the password you just created

# Generate a key file
OpenSSL X509-in server. CSR-out server. CRT-req-signkey server. Key-days 365
# Generate a certificate file

Copy server. Key and server. CRT to the conf folder.

Linux --

Generate the server private key:
# OpenSSL Gen RSA-des3-out server. Key 1024

Generate a server certificate request and fill in the relevant certificate information as required:
# OpenSSL req-New-key server. Key-out server. CSR

Visa:
# OpenSSL X509-req-days 700-in server. CSR-signkey server. Key-out server. Cert
Signature OK

Restart Apache

OK. Congratulations, you can use HTTPS to access your root directory.

Of course, we also need an SSL Virtual Host

You need to configure the VM file to write a VM that listens to port 443 in the file. For example:

<Virtualhost wosau: 443>
DocumentRoot/home/ownfire/www/woosau
Servername woosau
Sslengine on
Sslcertificatefile/etc/httpd/CONF/server. CRT
Sslcertificatekeyfile/etc/httpd/CONF/server. Key
</Virtualhost>

Because the specified host name is woosau, you need to write a virtual host name rule.

Namevirtualhost wool: 443

Now, you can access https: // woosau.