Configure SSL under Apache

Local tests are for Mac computers.

The first step to generate a certificate

Start by executing the following command to generate a key

OpenSSL genrsa-des3-out Ssl.key 1024

Then generate the certificate request file based on this key file

OpenSSL Req-new-key ssl.key-out SSL.CSR

Fill in the appropriate information (note the server domain name or IP address to fill your test domain name, IP)

Enter PEM Pass phrase: (enter password)

Verifying-enter PEM Pass phrase: (Enter password again)

Country Name (2 letter code) [AU]: (country abbreviation)

State or province name (full name) [Some-state]: (province name)

Locality name (eg, city) []: (urban name)

Organization name (eg, company) [Internet Widgits Pty Ltd]:(organization name or corporate name)

Organizational Unit name (eg, section) []: (department name)

Common name (eg, YOUR name) []: (Server domain name or IP address)

email address []: (E-mail)

Please enter the following ' extra ' attributes

To is sent with your certificate request

A Challenge Password []: (password)

An optional corporation name []: (company alias)

Finally, a CRT certificate file is generated from these 2 files

OpenSSL x509-req-days 365-in ssl.csr-signkey ssl.key-out ssl.crt

The files are placed under the apache2.2/conf directory.

second step to configure Apache

Enter apache2.2\conf, open httpd.conf

1. Remove the comment from the following statement, i.e. remove the previous #

#LoadModule Ssl_module modules/mod_ssl.so

2, remove the comments below, the purpose is to use Apache's own SSL configuration file httpd-ssl.conf to modify, reduce our workload.

#Include conf/extra/httpd-ssl.conf

Enter Apache2.2/conf/extre/, open httpd-ssl.conf

listen 443# Monitor 443 Port namevirtualhost test.passport.com:443<virtualhost test.passport.com:443 >   ServerAdmin joey   DocumentRoot  "/users/xinsonl/www/passport/ Public "   ServerName test.passport.com:443   ErrorLog " Logs/errlog "    CustomLog  "Logs/accesslog"  common   SSLEngine on     #开启SSL    sslciphersuite rc4-sha:aes128-sha:high:medium:!anull:! md5   sslcertificatefile  "/APPLICATIONS/XAMPP/XAMPPFILES/CONF/SSL/SSL.CRT"      #ssl. CRT is a file generated with OpenSSL    SSLCertificateKeyFile  "/applications/xampp/xamppfiles/conf/ Ssl/ssl.key "    #ssl. Key is a file created with OpenSSL    <Directory "/users/xinsonl/www/ Passport/public ">   Order allow,deny   Allow from all    </directory></virtualhost> 

Then restart Apache.

The access prompts you to be untrusted at this time.

Third Step certificate Not trusted

First, open [application]>[utility]>[Keychain Access] and select [System] on the left navigation.

In the second step, select [File] [Import Project] at the top and navigate to the local\ca.crt of the Goagent installation directory. Select Import

Third, right-select the newly imported goagent CA certificate, select [Introduction], and select the expand [Trust] column to make sure all choices are [always trust].

Configure SSL under Apache