The compiled command line program in OpenSSL windows:
Http://downloads.sourceforge.net/gnuwin32/openssl-0.9.8h-1-bin.zip
Lamp enables SSL
First, install the OpenSSL and Apache SSL modules and execute:
Yum install OpenSSL mod_ssl-y
The configuration method is similar to the following:
Wamp enable SSL
1. # modify the httpd. conf file
Loadmodule ssl_module modules/mod_ssl.so
Include CONF/extra/httpd-ssl.conf
# Remove "#" from the first two rows "#"
2. # modify CONF/extra/httpd-ssl.conf
Sslcertificatefile "D:/Wamp/apache2/bin/server. CRT"
Sslcertificatekeyfile "D:/Wamp/apache2/bin/server. Key"
3. # modify the file location for your certificate generation
DocumentRoot "E:/www" # modify the DocumentRoot value to be consistent with the DocumentRoot value in the httpd. conf file.
4. # solve the problem that Apache cannot be started
Set the configuration file (in the httpd-ssl.conf CONF/extra directory)
Sslmutex "file: D:/programfiles2003/Wamp/apache2/logs/ssl_mutex"
Change to 68: sslmutex default
5. # Replace all Apache paths in the httpd-ssl.conf file with your Apache path
# The configuration file has been modified.
Ii. certificate generation method
Windows --
# Run the following command in the Apache/bin directory:
OpenSSL req-config ../CONF/OpenSSL. CNF-New-out server. CSR-keyout server. pem
OpenSSL. CNF is the OpenSSL configuration file that comes with Apache and is referenced to the complete path of the file.
Enter the password twice, whatever the password, and press enter to skip the following input.
# Issuing a certificate
OpenSSL RSA-in server. pem-out server. Key
Enter the password you just created
# Generate a key file
OpenSSL X509-in server. CSR-out server. CRT-req-signkey server. Key-days 365
# Generate a certificate file
Copy server. Key and server. CRT to the conf folder.
Linux --
Generate the server private key:
# OpenSSL Gen RSA-des3-out server. Key 1024
Generate a server certificate request and fill in the relevant certificate information as required:
# OpenSSL req-New-key server. Key-out server. CSR
Visa:
# OpenSSL X509-req-days 700-in server. CSR-signkey server. Key-out server. Cert
Signature OK
Restart Apache
OK. Congratulations, you can use HTTPS to access your root directory.
Of course, we also need an SSL Virtual Host
You need to configure the VM file to write a VM that listens to port 443 in the file. For example:
<Virtualhost wosau: 443>
DocumentRoot/home/ownfire/www/woosau
Servername woosau
Sslengine on
Sslcertificatefile/etc/httpd/CONF/server. CRT
Sslcertificatekeyfile/etc/httpd/CONF/server. Key
</Virtualhost>
Because the specified host name is woosau, you need to write a virtual host name rule.
Namevirtualhost wool: 443
Now, you can access https: // woosau.