Build Apache + MySQL + PHP + SSL in CentOS6

Some articles on the Internet are old. After the version is high, the configuration is effort-saving (without considering any load, in addition to the epelrpmfushion source commands mentioned in the article, other processes are also applicable to Centos51. to install CentOS6, you can select the minimum installation or desktop installation 2. upgrade system yum

Some articles on the Internet are old. After the version is high, the configuration is effort-saving (without considering any load)

The whole process is shared. Apart from the differences in the epel rpmfushion source commands mentioned in this article, other processes are also applicable to Centos 5

1. Install CentOS 6. You can select the minimum installation or desktop installation.

2. upgrade the system

 

yum update

3. Install mysql and set mysql to start automatically when mysql is started.

 

yum install mysql

yum install mysql-server

chkconfig --levels 35 mysqld on

service mysqld start

4. Configure the mysql root Password

 

mysql_secure_installation

Enter current password for root (enter for none ):(Press ENTER)
OK,SuCcessfully usEdPassword, moving on...

Setting the root password ensures that nobody can log into the MySQL
Root user without the proper authorisation.

Set root password? [Y/n](Y)

New password:(123456)
Re-enter new password:(123456)
Password updated successfully!
Reloading privilege tables ..
... Success!

By default, a MySQL installation has an anonymous user, allowing anyone
To log into MySQL without having to have a user account created
Them. This is intended only for testing, and to make the installation
Go a bit smoother. You shoshould remove them before moving into
ProDuCtion environment.

Remove anonymous users? [Y/n]

(Whether to remove the default account from the database. If it is removed, entering mysql directly on the terminal will prompt a connection error.) Y

NoRmAlly, root shoshould only be allowed to connect from \ 'localhost \ '. This
Ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]

(Whether to disable root remote logon) Y
By default, MySQL comes with a database named \ 'test \ 'that anyone can
Access. This is also intended only for testing, and shocould be removed
Before moving into a production environment.

Remove test database and access to it? [Y/n]Y
Reload privilege tables now? [Y/n]Y

5. install apache and set startup.

 

yum install httpd

chkconfig --levels 35 httpd on

service httpd start

At this time, you can test whether apache works normally.

It should be okay to directly access localhost through a browser, but if other hosts cannot access it, it is because of the relationship between the firewall and the configuration of the firewall.

(This problem will occur later in ssl)

6. InstallPhp

 

yum install php

yum install php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc

At this time, the php installation is complete. Write a script to test it.

 

vi /var/www/html/info.php

Input

 

phpinfo();?>

Access localhost/info. php ~ Www. linuxIdC.com

7. Install phpMyAdmin

First, install epel and rpmfushion on the system.

 

rpm -Uvh http://download.Fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm

rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/6/i386/rpmfusion-free-release-6-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/6/i386/rpmfusion-nonfree-release-6-0.1.noarch.rpm

For centos 5, run the following command:

 

rpm -Uvh http://download.Fedora.RedHat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm

rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/5/i386/rpmfusion-free-release-5-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/5/i386/rpmfusion-nonfree-release-5-0.1.noarch.rpm

The installation is very convenient ,~ You do not need to download the latest version.

 

yum install phpmyadmin

After the installation is complete, you need to configure the access permission so that other hosts can access phpMyAdmin.

 

vi /etc/httpd/conf.d/phpMyAdmin.conf

Find the permission settings for the two directories and Change Allow from to All.

Order Deny, Allow
Deny from All
Allow from 127.0.0.1
Allow from All

SetUp/>
Order Deny, Allow
Deny from All
Allow from 127.0.0.1
Allow from All

Restart the server

 

service httpd restart

Test localhost/phpMyAdmin

Username and password: root 123456

OK ~ LAMP is built,

8. Set up SSL to enable apache to support https

 

yum install mod_ssl

After this module is installed, You Can Use https: // localhost to test apache after it is restarted, because it creates the default certificate.

Under/etc/pki/tls

Of course, we can also use openssl to create our own certificates.

yum install openssl

Generate Certificate file
Create an rsa private key named server. key

 

openssl genrsa -out server.key 1024

Generating RSA private key, 1024 bit long modulus
...
...
E is 65537 (0x10001)


Use server. key to generate the CSR for signing the certificate

 

openssl req -new -key server.key -out server.csr

CounTrY Name: Country Code of two letters
State or ProviNcE Name: province Name
Locality Name: city Name
Organization Name: Company Name
Organizational Unit Name: department Name
Common Name: Your Name
EmailDdRess: Address
As \'ExTra \ 'bubutes does not need to be input. Press ENTER

Generate the certificate CRT file server. crt.

openssl x509 -days 365 -req -in server.csr -signkey server.key -out server.crt

Modify ssl. conf to specify the certificate generated by ourselves.

vi /etc/httpd/conf.d/ssl.conf

Find the following location and modify the path

# Server CertifiCatE:
# Point SSLCertificateFile at a PEM encoded certificate. If
# The certificate is encrypted, then you will be prompted for
# Pass phrase. Note thatKill-HUP will prompt again. A new
# Certificate can be generated using the genkey (1) command.
SSLCertificateFile/etc/pki/tls/certs/localhost. crt