標籤:httpd2.2 虛擬機器主機 https status頁面 存取控制
一、httpd 基於FQDN的虛擬機器主機配置
以下小字型為設定檔內容,綠色加粗字型為可行的命令
1、安裝httpd
yum -y install httpd
2、建立虛擬機器主機設定檔
vim /etc/httpd/conf.d/www.conf
<VirtualHost172.16.19.11:80>
ServerName www1.abc.com
DocumentRoot /var/www/www1
ErrorLog logs/www1.error_log
CustomLog logs/www1.acess_log common
</VirtualHost>
<VirtualHost172.16.19.11:80>
ServerName www2.abc.com
DocumentRoot /var/www/www2
ErrorLog logs/www2.error_log
CustomLog logs/www2.access_log common
</VirtualHost>
3、開啟NameVirtualHost
vim/etc/httpd/conf/httpd.conf
NameVirtualHost172.16.19.11:80
4、建立虛擬機器主機跟目錄
mkdir/var/www/www1; mkdir /var/www/www1;
5、設定檔語法檢查
httpd -t
6、啟動服務
service httpdrestart
7、建立測試頁面
echo "<h1> www1 </h1>"> /var/www/www1/index.html
echo "<h1> www1</h2>" > /var/www/www2/index.html
8、修改本地hosts測試虛擬機器主機
a) vim /etc/hosts #建立一行添加ip與網域名稱
172.16.19.11 www1.abc.com www2.abc.com
b)測試基於網域名稱的虛擬機器主機是否工作正常,效果如所示
650) this.width=650;" src="http://s5.51cto.com/wyfs02/M02/84/2E/wKioL1eHrYyCAkkPAAAUS6u7aB4880.png" title="QQ圖片20160714231741.png" alt="wKioL1eHrYyCAkkPAAAUS6u7aB4880.png" />
二、為www1.abc.com添加status頁面,並設定存取控制
a) httpd -M | grep status #確認模組是否載入,如未載入在httpd.conf主設定檔找到以下欄位取消注釋,然後重載服務。
LoadMoudule status_module modules/mod_status.so
b) vim /etc/httpd/conf.d/www.conf #編輯設定檔,在www1虛擬機器主機內添加一下內容
<Location /server-status>
SetHandlerserver-status
AuthType basic
AuthNAME"only tom"
AuthUserfile/etc/httpd/conf/.htpw
Require user tom
</Location>
c) 為tom 使用者建立訪問密碼
htpasswd -m -c /etc/httpd/conf/.htpw tom
d) 重載服務測試
service httpd reload
http://www1.abc.com/server-status
650) this.width=650;" src="http://s2.51cto.com/wyfs02/M02/84/2E/wKiom1eHrs6SKEe3AACEwklWmdo303.png" title="密碼驗證" alt="wKiom1eHrs6SKEe3AACEwklWmdo303.png" />
三、為www1配置為https
A) 建立CA
(umask077;openssl genrsa -out /etc/pki/CA/private/cakey.pem 2048)
openssl req -new -x509 -key/etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem
touch /etc/pki/CA/index.txt
echo 01 > /etc/pki/CA/serial
650) this.width=650;" src="http://s1.51cto.com/wyfs02/M00/84/2E/wKioL1eHr5TTeq9cAAF0WuxX-Xo945.png" title="3.png" alt="wKioL1eHr5TTeq9cAAF0WuxX-Xo945.png" />
B) 為https製作認證
a)建立儲存秘鑰的檔案夾
mkdir /etc/httpd/ssl
b) 產生httpd秘鑰
(umask 077;openssl genrsa -out/etc/httpd/ssl/httpd.key 2048)
c)產生認證請求檔案
openssl req -new -key/etc/httpd/ssl/httpd.key -out /etc/httpd/ssl/httpd.csr
d)CA簽發認證
openssl ca -in /etc/httpd/ssl/httpd.csr-out /etc/httpd/ssl/httpd.crt
C) 配置https
a) 安裝必要的rpm包
yum -y install mod_ssl
b) 編輯設定檔
vim /etc/httpd/conf.d/ssl.conf
<VirtualHost172.16.19.11:443>
DocumentRoot"/var/www/www1"
ServerName www.abc.com:443
SSLCertificateFile/etc/httpd/ssl/httpd.crt
SSLCertificateKeyFile/etc/httpd/ssl/httpd.key
D) 重啟測試服務
service httpd restart
650) this.width=650;" src="http://s5.51cto.com/wyfs02/M01/84/2E/wKioL1eHssbigP-aAADAl7qKZLM173.png-wh_500x0-wm_3-wmp_4-s_2448306314.png" title="aaa.png" alt="wKioL1eHssbigP-aAADAl7qKZLM173.png-wh_50" />
本文出自 “My Space” 部落格,謝絕轉載!
httpd2.2 虛擬機器主機、存取控制及https的實現
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
