One, Apache installation SSL certificate requires three profiles:
(Warm tip: Please back up the server configuration file you need to modify before installing the certificate)
1_ROOT_BUNDLE.CRT, 2_DOMAINNAME.COM.CRT, 3_ Domainname.com.key.
Note: These three certificate fi
Recently in a project, the project was previously used. NET do, now need to rewrite with PHP. After development, you need to migrate the SSL certificate on IIS to the Apache environment.
Workaround:
Roughly three steps
First, export the certificate file to IIS
1. Start-> Run->mmc
2. Menu-> file-> Add/Remove snap-i
and rename it ca. CRT.
# Cp cacert. pem ca. CRT
Copy codeStep 3. Edit SSL. conf
# Cd/usr/local/Apache/Conf
Copy codeEdit SSL. conf
Specify the server certificate location
Sslcertificatefile/usr/local/Apache/CONF/
some documents here. I use a ca. Sh provided by OpenSSL to sign the certificate, rather than sign. Sh in mod_ssl.
Using the OpenSSL syntax to generate a certificate has many restrictions, such as the Directory and key location. It is troublesome. I tried it for several days and finally gave up. If you are interested, refer to the OpenSSL manual.
Step 1: Install
This post was last edited by q1082121 on 2016-11-24 12:31Scenario two Apache1, the Apache type of SSL three files uploaded:/www/wdlinux//www/wdlinux/httpd-2.4.18//conf/below can!Three files are root certificate, private key, public key, respectively2,Open/www/wdlinux/httpd-2.2.24/conf/httpd.confOpenLoadModule Slotmem_shm_module modules/mod_slotmem_shm.soLoadModul
one, installation preparation 1. Installing OpenSSL To enable Apache to support SSL, you need to install OpenSSL support first. Recommended download installation openssl-0.9.8k.tar.gz download OPENSSL:HTTP://WWW.OPENSSL.ORG/SOURCE/TAR-ZXF openssl-0.9.8k.tar.gz //Unzip the installation package CD openssl-0.9.8k //into the unpacked installation package ./con
About SSL certificates
SSL certificates are used to encrypt site information and create a safer connection. In addition, the certificate can display the VPs identity information to site visitors. The Certificate Authority issues an SSL
website.At this point you should has five files. If you ' re missing any, double-check the previous steps and re-download them:
Ca.pem-startssl ' s Root certificate
Private.key-the unencrypted version of your private key (be very careful no one else have access to this file!)
Sub.class1.server.ca.pem-the Intermediate Certificate for Startssl
Ssl.key-the encrypted version of your privat
[Essence] The original Win+apache implementation of SSL certificate authentication is so simple
Http://www.chinaunix.net Author: ataman posted: 2008-05-22 18:16:46
"Comment" "View original" "Web server Discussion Area" "Close"
Windows+
Setup Preparation 1. Install openssl to enable Apache to support SSL, you need to install OpenSSL support first. Recommended download install openssl-0.9.8k.tar.gz Download openssl:http://www.openssl.org/source/ TAR-ZXF openssl-0.9.8k.tar.gz //Unzip the installation pac
Install let ' s Encrypt client
For CentOS distributions There are currently two ways to install let's Encrypt clients, one of which is a direct yum installation from the upstream Epel source, one that is downloaded from the Encrypt source of let ' s GitHub. Waterscape One page uses the following second method, downloaded from the GitHub.
Two ways of installingSimple comparison:
YUM installation follows t
III. Certificate of DeploymentIf you use two-way authentication, you will have three private keys and three certificates. They were Ca.key, CA.CRT, Server.key, SERVER.CRT, Client.key, CLIENT.CRT, and client.pfx to the browser.If you use a one-way authentication with a CA certificate, the certificate and private key are Ca.key, CA.CRT, Server.key, Server.crt.If yo
Sslcertificatekeyfile/usr/local/apache/conf/2_laojiang.me.key
Sslcertificatechainfile/usr/local/apache/conf/ca.crt
Note that we have processed SSL several file formats that need to be uploaded to the corresponding directory.
2, Nginx website environment
A-Save the domain name www.laojiang.me
one, Apache installation SSL certificate requires three configuration filesWarm tip: Before installing the certificate, please back up the server configuration file you need to modify1_ROOT_BUNDLE.CRT, 2_DOMAINNAME.COM.CRT, 3_ Domainname.com.key.Note: These three files are in folder for Apache.zip, where domainname.com
1. If The. crt. key and. Ca-bundle files have been applied through a third party2. Copy three files to any of the specified directories on a Linux server3. Locate the Apache configuration you want to editThe Apache master configuration file is often called httpd.conf or apache2.conf. common paths include /etc/httpd/or /etc/apache2/ SSL
will extract files. Note. This assumes that you have downloaded a temporary directory, and you are in this directory.
# Mkdir rsaref-2.0
# Cd rsaref-2.0
# Gzip-d-c ../rsaref1_tar. Z | tar xvf-
Configure and construct the OpenSSL library.
# Cd rsaref-2.0
# Cp-rp install/unix local
# Cd local
# Make
# Mv rsaref. a librsaref.
# Cd ../..
Install OpenSSL. Remember, you will use it to create a license
The files exported by IIS are in. pfx format, and the SSL certificates of Apache are. Key and. CRT files. You only need to convert the. pfx file to the. Key +. CRT file and install it on Apache.
Step 1: Download the OpenSSL Software Package http://www.myssl.cn/download/OpenSSL_0.9.8.a_Win32.zip
Step 2: extract the pa
transferred from:http://www.getvm.net/apache-crt-ssl-convert-to-iis-pfx/Apache uses the The SSL certificate is. crt format, if your website from Apache to the Windows host IIS, this time to put the original
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.