Apache SSL server Configuration SSL detailed
Recently remembered to configure SSLon the Apache Web site , toimplement the site with HTTPS Access, the following steps:
1. Experimental Environment:CentOS7 http-2.4.17.tar.gz
2.. Extract the Apache Source Package First,yum installs the packages that Apache relies on
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/75/EB/wKiom1ZEpEey5ZCfAAAhUosPKA0154.png "style=" float: none; "title=" 1.PNG "alt=" Wkiom1zepeey5zcfaaahuospka0154.png "/>
3. Configure Apache
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/75/EB/wKiom1ZEpEiQxM5BAAAUYWHCa4g616.png "style=" float: none; "title=" 2.PNG "alt=" Wkiom1zepeiqxm5baaauywhca4g616.png "/>
4. Compile and install Apache
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/75/E9/wKioL1ZEpJKi1q1IAAAI9f6UBRw849.png "style=" float: none; "title=" 3.PNG "alt=" Wkiol1zepjki1q1iaaai9f6ubrw849.png "/>
5. Confirm installation Results after successful installation
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/75/EB/wKiom1ZEpEiSRzMKAAAiv8wdSHg072.png "style=" float: none; "title=" 4.PNG "alt=" Wkiom1zepeisrzmkaaaiv8wdshg072.png "/>
6. generate a Certificate Server
1) generate the private key file for the server Server.key
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/75/E9/wKioL1ZEpJPy-n05AAAe3x0tv3I684.png "style=" float: none; "title=" 5.PNG "alt=" Wkiol1zepjpy-n05aaae3x0tv3i684.png "/>
2) generate unsigned SERVER.CSR
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/75/E9/wKioL1ZEpJOywhqfAAAKU6ExBoc559.png "style=" float: none; "title=" 6.PNG "alt=" Wkiol1zepjoywhqfaaaku6exboc559.png "/>
will prompt for a series of parameters
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/75/E9/wKioL1ZEpJTT__1uAABAIgnLKvM203.png "style=" float: none; "title=" 7.PNG "alt=" Wkiol1zepjtt__1uaabaignlkvm203.png "/>
3) You can view the files that have been generated under the current folder and move the files to the Apache directory
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/75/EB/wKiom1ZEpEqSLRM0AAAI6g7XWUw553.png "style=" float: none; "title=" 9.PNG "alt=" Wkiom1zepeqslrm0aaai6g7xwuw553.png "/>
4) sign the server certificate file SERVER.CRT
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/75/EA/wKioL1ZEpnXQlF53AAAovT1CnIo341.png "style=" float: none; "Title=" CRT. PNG "alt=" Wkiol1zepnxqlf53aaaovt1cnio341.png "/>
7.Apache optimized system configuration
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/75/E9/wKioL1ZEpJXC6VksAAAJj_RhxQk977.png "style=" float: none; "title=" 11.PNG "alt=" Wkiol1zepjxc6vksaaajj_rhxqk977.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/75/EB/wKiom1ZEpEuSTWgYAAATHBHVC3k054.png "style=" float: none; "title=" 12.PNG "alt=" Wkiom1zepeustwgyaaathbhvc3k054.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/75/EB/wKiom1ZEpEuDTYaMAAAU5y2yXZY934.png "style=" float: none; "title=" 10.PNG "alt=" Wkiom1zepeudtyamaaau5y2yxzy934.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/75/EB/wKiom1ZEpEyQdpo0AAAjcBDSIU4636.png "style=" float: none; "title=" 13.PNG "alt=" Wkiom1zepeyqdpo0aaajcbdsiu4636.png "/>
8.Apache SSL Deployment
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/75/E9/wKioL1ZEpJjiTXRUAAAJLYEyQc4419.png "style=" float: none; "title=" 18.PNG "alt=" Wkiol1zepjjitxruaaajlyeyqc4419.png "/>
Get rid of the previous # of the following two lines
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/75/EB/wKiom1ZEpEzC6ZLmAAALuvnQcyg116.png "style=" float: none; "title=" 14.PNG "alt=" Wkiom1zepezc6zlmaaaluvnqcyg116.png "/>
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/75/E9/wKioL1ZEpJewDcbTAAAHGs223O8382.png "style=" float: none; "title=" 15.PNG "alt=" Wkiol1zepjewdcbtaaahgs223o8382.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/75/E9/wKioL1ZEpJjgCcdZAAAKCq2qCjg405.png "style=" float: none; "title=" 19.PNG "alt=" Wkiol1zepjjgccdzaaakcq2qcjg405.png "/>
Confirm The certificate file (. crt) and the private key file (. Key) are placed in the appropriate directory
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/75/EB/wKiom1ZEpE3w0pAQAAAMQwtVPAk285.png "style=" float: none; "title=" 16.PNG "alt=" Wkiom1zepe3w0paqaaamqwtvpak285.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/75/E9/wKioL1ZEpJjjz6mJAAAMhUu6IC0304.png "style=" float: none; "title=" 17.PNG "alt=" Wkiol1zepjjjz6mjaaamhuu6ic0304.png "/>
Save exit
9. launch Apache service
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/75/E9/wKioL1ZEpJnR9I8eAAApGfLVSRk107.png "style=" float: none; "title=" 20.PNG "alt=" Wkiol1zepjnr9i8eaaapgflvsrk107.png "/>
Boot failed, as prompted, MoD Socache shmcd not enabled, return to main profile
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/75/E9/wKioL1ZEpJmjBqS-AAAPgi9R7fQ795.png "style=" float: none; "title=" 21.PNG "alt=" Wkiol1zepjmjbqs-aaapgi9r7fq795.png "/>
Remove the previous comment and save the exit
The Apache service is ready to start.
Verifying HTTPS logins
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/75/EB/wKiom1ZEpFDQd2VrAAAJzWobEUc500.png "style=" float: none; "title=" 23.PNG "alt=" Wkiom1zepfdqd2vraaajzwobeuc500.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/75/E9/wKioL1ZEpJvRcI0_AAARz4tL_tk249.png "style=" float: none; "title=" 24.PNG "alt=" Wkiol1zepjvrci0_aaarz4tl_tk249.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/75/EB/wKiom1ZEpFGgD1Y9AAAuYsDsZgQ853.png "style=" float: none; "title=" 25.PNG "alt=" Wkiom1zepfggd1y9aaauysdszgq853.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/75/EB/wKiom1ZEpFHgCzNLAAAkDJdLEpU635.png "style=" float: none; "title=" 26.PNG "alt=" Wkiom1zepfhgcznlaaakdjdlepu635.png "/>
If you want to authenticate on the client, first import the certificate file Server.crt to the client, install the certificate
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/75/E9/wKioL1ZEpKCjxU5SAABTQbAcCQk812.png "style=" float: none; "title=" 28.PNG "alt=" Wkiol1zepkcjxu5saabtqbaccqk812.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/75/EB/wKiom1ZEpFaBbMC8AABoCa6XH68264.png "style=" float: none; "title=" 29.PNG "alt=" Wkiom1zepfabbmc8aaboca6xh68264.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/75/E9/wKioL1ZEpKGS7tesAAAfqOCUks4593.png "style=" float: none; "title=" 30.PNG "alt=" Wkiol1zepkgs7tesaaafqocuks4593.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/75/E9/wKioL1ZEpKKy7dD6AABAGRJZ9s4041.png "style=" float: none; "title=" 31.PNG "alt=" Wkiol1zepkky7dd6aabagrjz9s4041.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/75/E9/wKioL1ZEpKKznXq2AAAsO57ZkaE384.png "style=" float: none; "title=" 32.PNG "alt=" Wkiol1zepkkznxq2aaaso57zkae384.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/75/EA/wKioL1ZEpKKypoomAAAn8tAGNT8926.png "style=" float: none; "title=" 33.PNG "alt=" Wkiol1zepkkypoomaaan8tagnt8926.png "/>
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/75/EA/wKioL1ZEqGCg8sMXAACIOdAyVIE505.png "title=" 34.PNG "alt=" Wkiol1zeqgcg8smxaaciodayvie505.png "/>
This article is from the "10319031" blog, please be sure to keep this source http://10329031.blog.51cto.com/10319031/1712333
Apache SSL server Configuration SSL detailed