Apache Configures multiple HTTPS sites

The work often encounters multiple sites to implement HTTPS access, and point to the same Web page, this article will explain how to configure Apache multi-site in the CentOS environment for HTTPS access.

Preparatory work

Os:centos Release 6.8 (Final)
Web:apache

Installing Apache

1. Installing Apache

[[email protected] ~]# yum install httpd -y

2. Start the service

[[email protected] ~]# service  httpd startStarting httpd:                                            [  OK  

3. Modify the test page

[[email protected] ~]# cat /var/www/html/index.html 

4. Test access


Implementing HTTPS Access

1. Installing the SSL module

[[email protected] ~]# yum install mod_ssl -y

2. Testing

[[email protected] ~]# cd /etc/httpd/modules/[[email protected] modules]# ll | grep ssl-rwxr-xr-x 1 root root 181872 Oct 20  2017 mod_ssl.so

3. Upload the certificate file
Here we can go to the major manufacturers to apply for free certificates, to meet the needs of individual sites, such as corporate websites, the proposed purchase of enterprise fees certificate;

4. Modify the configuration

[[email protected] ~]# cd /etc/httpd/conf.d/[[email protected] conf.d]# lsREADME  ssl.conf  

LoadModule ssl_module modules/mod_ssl.soListen 443<VirtualHost *:443>    DocumentRoot "/var/www/html"    ServerName domaintest.cn    SSLEngine on    SSLCertificateFile /etc/httpd/ssl/default/2_domaintest.cn.crt    SSLCertificateKeyFile /etc/httpd/ssl/default/3_domaintest.cn.key    SSLCertificateChainFile /etc/httpd/ssl/default/1_root_bundle.crt</VirtualHost>

configuration file Parameters	Description
LoadModule	Loading the SSL module
Listen	Listening on port 443
DocumentRoot	Web Directory
ServerName	Site Domain Name
Sslengine on	Enable SSL Features
Sslcertificatefile	Certificate file
Sslcertificatekeyfile	Private key File
Sslcertificatechainfile	Certificate chain file

5. Restart Service

[[email protected] ~]# httpd -tSyntax OK可以先试用httpd -t 检测一下配置文件是否正确，然后再重启服务；[[email protected] ~]# service  httpd restartStopping httpd:                                            [  OK  ]Starting httpd:                                            [  OK  ]

6, detection port is monitoring

[[email protected] conf.d]# ss -ntlState      Recv-Q Send-Q       Local Address:Port         Peer Address:Port LISTEN     0      128                      *:80                      *:*     LISTEN     0      128                      *:22                      *:*     LISTEN     0      100              127.0.0.1:25                      *:*     LISTEN     0      128                      *:443                     *:*     

7. Test Access

• It is recommended to use Google Chrome for test access, F12 view, which shows "This page is secure (valid HTTPS).", stating that the certificate is configured correctly;
  Configuring multiple HTTPS Sites

  1. Upload the certificate file

  [[email protected] ~]# cd /etc/httpd/ssl/[[email protected] ssl]# mkdir web[[email protected] ssl]# cd web/[[email protected] web]# rz

  2. Modify the configuration file

  LoadModule ssl_module modules/mod_ssl.soListen 443NameVirtualHost *:443# 第一个虚拟主机<VirtualHost *:443>DocumentRoot "/var/www/html"ServerName domaintest.cnSSLEngine onSSLCertificateFile /etc/httpd/ssl/default/2_domaintest.cn.crtSSLCertificateKeyFile /etc/httpd/ssl/default/3_domaintest.cn.keySSLCertificateChainFile /etc/httpd/ssl/default/1_root_bundle.crt</VirtualHost>#第二个虚拟主机<VirtualHost *:443>DocumentRoot "/var/www/html"ServerName web.domaintest.cnSSLEngine onSSLCertificateFile /etc/httpd/ssl/web/2_web.domaintest.cn.crtSSLCertificateKeyFile /etc/httpd/ssl/web/3_web.domaintest.cn.keySSLCertificateChainFile /etc/httpd/ssl/web/1_root_bundle.crt</VirtualHost>

  3. Restart Service

  [[email protected] conf.d]# service  httpd restartStopping httpd:                                            [  OK  ]Starting httpd:                                            [  OK  

  4. Test access
  
  

Here, Apache Multi-site HTTPS to achieve the ~

Apache Configures multiple HTTPS sites