Linux under Apache HTTPS virtual host Configuration

If you simply want to encrypt the transfer while transferring data, the SSL certificate does not require authentication, but the browser opens with a warning message. Let's say we're not doing a public product, so it's okay.

Here is a note to study today, in fact, I use the real environment.

Environment:CentOS, 32bit;apache 2.2.15;

1. Check if Apache has the mod_ssl.so module installed.

The check method is to see if it exists under modules(/etc/httpd/modules/). Does not exist then install (yum-y install mod_ssl).

2. Generate Certificates and keys

1) Generate key

Command: OpenSSL genrsa 1024x768 > Server.key

Description: Generate the key using the 128-bit RSA algorithm and get the Server.key file.

2) Generate a certificate request file

Command: OpenSSL req-new-key server.key > SERVER.CSR

Note: Generate a certificate request file SERVER.CSR with the key generated by step 1, this step will have a lot of problems, according to their own needs to enter.

3): Generate certificate

Command: OpenSSL req-x509-days 365-key server.key-in SERVER.CSR > Server.crt

Description: Generate a certificate with step key and certificate request the Server.crt,-days parameter indicates the certificate validity period, in days.

3. Modifying the Apache configuration file (httpd.conf)

1) Adding a listening port

Listen 443

2) Load Mod_ssl module

LoadModule Ssl_module modules/mod_ssl.so

3) Configuring the virtual host

Namevirtualhost 121.127.246.429:443<virtualhost 121.127.246.429:443>documentroot/data/www/ 1234567ServerName 1234567.mo.comsslengine onssloptions +strictrequiresslcertificatefile/data/conf/httpd/ Server.crtsslcertificatekeyfile/data/conf/httpd/server.keydirectoryindex index.html index.php<Directory "/data /www/1234567 "> #Options Indexes followsymlinksoptions followsymlinksallowoverride noneorder allow,denyallow from All</directory></virtualhost>

4. Access

Https://1234567.mo.com