Apache Open SSL Service Tutorial

Source: Internet
Author: User
Tags control characters openssl

1, first please confirm that your Apache server has installed encryption module, can be OpenSSL, or openssl+modssl.

If your Apache Web server is installed on a UNIX or Linux platform, you can obtain OpenSSL from the following URLs:

http://www.openssl.org/source/

If your Apache Web server is running on a Windows platform, you can get OpenSSL + Modssl on the following Web site:

http://www.modssl.org/contrib/

2, through the OpenSSL to the Apache server to generate a key pair (key pair)

# OpenSSL Req-new-nodes-keyout private.key-out PUBLIC.CSR

Here you need to answer some questions based on your Apache server's actual information: Country name (Country name), provincial or intercontinental (state or province name), local name (locality name), organization name ( Organization name, organizational unit name (organization), universal name (Common name), email address (email name), private key protection password (a challenge password), Optional company name (a opentional name).

It is important to note here that the name of the country must be the standard abbreviation, China is CN; The universal name must be the FQDN.

3, then, in your current directory will produce two files: Private.key and PUBLIC.CSR.

Private.key is your private key, PUBLIC.CSR is the certificate request file.

4, visit http://demo.sheca.com/testca/TCert1/tcert.asp, apply for a free web site certificate, free only 15 days of the use of the time yo. Put the PUBLIC.CSR request file content into the application page, complete the certificate application work.

5. After applying for the certificate, copy the certificate file to the directory where you just saved your private key and request file.

6, now configure your Apache server http.conf file, open the HTTPS service.

Use an editor (Unix or Linux) to use Vi,windows with Notpad. Please do not use word processing software, such as words, because it will include some invisible control characters.

Add the following:

Sslcertificatefile/etc/ssl/crt/public.der

Sslcertificatekeyfile/etc/ssl/crt/private.key

Please modify the above content according to your certificate and the actual address of your private key.

7, restart your Apache server. You can do this by starting the script.

# Apachectl Stop

# Apachectl Startssl

In this way, your Apache server's 80 and 443 ports are serviced at the same time.

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.