For simplicity and clarity, first install the Apache server using the RPM package.
# Cd/MISC/CD/RedHat/RPMS // enter the CD package storage directory
# Rpm-IVH rpmdb-redhat-4-0.20070421.i386.rpm // The purpose of installing this package is to facilitate dependency on some programs
# Rpm-IVH -- aid httpd-2.0.52-32.ent.i386.rpm // Add -- aid automatically resolves the package dependency, so the rpmdb package has been installed before
# Rpm-IVH mod_ssl-2.0.52-32.ent.i386.rpm // The purpose of installing this package is to achieve https
# Echo 'This is my first page! '>/Var/www/html/index.html // create a default home page and put it in the default home directory defined by Apache
# Service httpd start // start the server
Enter https: // server IP address in the browser to install the certificate to implement secure HTTP.
But at this time, the certificate is automatically generated by mod_ssl, and the information is not what we want! Therefore, you can use the following method to create your own certificate.
# Cd/etc/httpd/conf // enter the Apache configuration file storage directory
# Rm-f ssl. */server. * // Delete the certificate and signature file automatically installed by mod_ssl.
# OpenSSL genrsa-des3 1024> SSL. Key/server. Key // generate a private key file. The file requires a password.
# OpenSSL RSA-in SSL. Key/server. Key-out SSL. Key/server. Key // if you do not want to use the password, you must enter the password set during generation.
# OpenSSL req-New-key SSL. Key/server. Key-out SSL. CSR/server. CSR // generate a Certificate Signature request file (Certificate Signing Request)
You are about to be asked to enter information that will be ininitialized
Into your certificate request.
What you are about to enter is what is called a distinguished name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country name (2 letter code) [GB]: ch // enter the country name
State or province name (full name) [Berkshire]: Beijing // province name
Locality name (eg, city) [Newbury]: Beijing // City
Organization Name (eg, company) [My Company Ltd]: xhce // Organization Name
Organizational unit name (eg, section) []: bjxh // unit name
Common name (eg, your name or your server's hostname) // enter
Email Address []: weisheng213@126.com // mailbox
Please enter the following 'extra 'attributes
To be sent with your certificate request
A challenge password []: // query password, which can be left blank
An optional company name []: // you can leave it empty.
# OpenSSL X509-in SSL. CSR/server. CSR-out SSL. CRT/server. CRT-req-signkey SSL. key/server. key-days 365 // enable the server to act as the certificate signature server. In Security E-commerce, you must apply to a third-party business organization.
Signature OK
Subject =/C = CH/ST = Beijing/L = Beijing/o = xhce/ou = bjxh/CN =
Getting Private Key
# Vi ../CONF. d/SSL. conf // edit the main configuration file of mod_ssl
# Remove the # Above DocumentRoot "/var/www/html"
# Service httpd restart // restart the Apache server to read the new certificate information
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.