My SSL test seems to be a little bit right.
(Note Little brother set up DNS domain name resolution, 192.168.0.100 IP binding two domain names, www.mydotnet.com and www.zhang.com)
--------------------The following is the activation of SSL and obtaining the installation server certificate------------
Enable SSL on the server
This section describes how to create a certificate request, obtain a beta test server-side certificate from the Verisign site, and
Domain Registration | International Domain name | registration fee
Later this Thursday, VeriSign announced that it would increase the registration fees for. com and. NET domain names from October 1 onwards.According to foreign media reports, VeriSign said, the registration fee for the. com domain name will increase from 6.42 U.S. dollars to 6.86 U.S. dollars, the registration fee for the. NET domain name wi
the key storage zone of the operating system. A certificate signature request is also generated when the private key is generated.
• CA Public Key: a ca is a trusted server. Currently, many Certificate Authorities provide certificate services, such as DigiCert or VeriSign. In addition, this may be a private CA, such as a CA in the Microsoft Windows Server operating system. If a copy of its public key exists in the certificate library connecting to th
a certificate on your own and export the private key to slave. Step 2: Submit the generated certificate to a third-party certification authority, such as Verisign and thawte, these organizations will need you to provide some information to authenticate your identity. This is easy to understand, because they need to be responsible for your identity in the future when you use the certificate, and all of them must first authenticate your identity. Step
Since the development of the Internet, various application services have been very rich, and every website is trying to gather its own user base, so we have countless "accounts" and "passwords ".
Different applications have different security requirements. Different services have different security requirements due to their importance. If one of my frequently browsed Forum accounts is lost, I will be depressed for a maximum of a few days. Just register another account, but if one of my online ba
were found.The discovery was caused by the system initiating selinux.Temporarily close SELinuxSetenforce 0Permanently closedVim/etc/selinux/configModifySelinux=enforcingChange intoSelinux=disabled(c)New index.html in WWW1 and WWW2, respectively, www1.buybybuy.com and www2.buybybuy.com# vim/web/vhosts/www1/index.html# vim/web/vhosts/www2/index.html(d)Create an Access account and follow the instructions# htpasswd-c/ETC/HTTPD/CONF.D/.HTPASSWD WebAdminModify Httpd.conf, joinAuthType BasicAuthName "
Installation version: The 32-bit desktop version downloaded from the official website
1. Add Source:
(1) Add a 163 Source:
First, enter the terminal to open and enter the Su, password, and administrator permission;
Enter gedit/etc/yum. Repos. d/163. Repo, and press Enter.
Copy the following content to the opened 163. Repo:
Fedora-mirrors.163.comName = fedora 12-i386Base url = http://mirrors.163.com/fedora/updates/12/i386/Enabled = 1Gpgcheck = 0Gpgkey = file: // etc/
Certificate Revocation List LookupHttp://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crlHttp://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xmlhttp://ieonline.microsoft.com:443Http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crlhttp://tools.google.com:443Http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?8f5b475b26ab8cd9Http://ctldl.win
Key words: Ssl,pki,macHope: SSL uses data encryption, authentication and message integrity verification mechanisms to provide reliable connection security based on TCP and other application layer protocols.This article describes the SSL backend, security mechanisms, work processes, and typical network applications.Abbreviations:
Abbreviations
English full Name
Chinese explanation
Aes
Advanced Encrypti
to enable ssl. If not, recompile and install mysql. Note that the parameters are correct when makefile is generated.Exit mysql and edit/etc/my. cnf.Add the following configuration information between [mysqld] and [mysqldump:
ssl
Save and restart mysql. log on to mysql again.
mysql -uroot -pmysql> show variables like '%ssl%';
+---------------+-------+ | Variable_name | Value | +---------------+-------+ | have_openssl | YES | | have_ssl | YES | | ssl_ca | | | ssl_capath | | | ssl_c
/
file:///media/cdrecorder/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/rpm-gpg-key-centos-5
Modify the 2nd path in BaseURL to/mnt/cdrom (that is, the disc mount point)
Change Enabled=0 to 1
3, disable the default Yum network source
Change the Yum network source profile to Centos-base.repo.bak, or you will first look for the appropriate package in the network source and read it directly from the loca
1. set up a CA server [root @ zzu ~] # Yuminstallopenssl * [root @ zzu ~] # Cd/etc/pki/[root @ zzupki] # vimtls/openssl. cnf45dir/etc/pki/CA88countryNameop...
1. set up a CA server [root @ zzu ~] # Yum install openssl * [root @ zzu ~] # Cd/etc/pki/[root @ zzu pki] # vim tls/openssl. cnf45 dir =/etc/
/mykey.private-pubout-out/root/mykey.public
Ca
Public authoritative CA
Private CA
How to build your own CA:
Openssl
OpenCA: The OpenSSL of two times package.
Configuration file:/etc/pki/tls/openssl.cnf
How to build a private CA:
Generate a self-signed certificate on the server that confirms that it is configured as a CA and provide the require
-$basearch-debugbaseurl=file:///yum/serverenabled=1gpgcheck=1gpgkey=file:///etc/pki/rpm-gpg/ rpm-gpg-key-redhat-release[rhel-vt]name=red Hat Enterprise Linux $releasever-$basearch-debugbaseurl=file:///yum/ Vtenabled=1gpgcheck=1gpgkey=file:///etc/pki/rpm-gpg/rpm-gpg-key-redhat-release[rhel-cluster]name=red Hat Enterprise Linux $releasever-$basearch-debugbaseurl=file:///yum/clusterenabled=1gpgcheck=1gpgkey=fi
encryption is non-reversible encryption, which is a non-decrypted encryption method that extracts the fingerprint of the data. The common encryption algorithm has MD5, SHA, HMAC three kinds of encryption algorithm. We usually only use them as the basis for encryption, pure three kinds of encryption is not reliable.One-way encryption such as:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/73/DD/wKiom1YI3ZehpnMxAAB1fTgDh_Q522.jpg "title=" 3.png " alt= "Wkiom1yi3zehpnmx
that when generating makefile the correct parameters are filled in.Exit MySQL, edit/etc/my.cnfBetween [mysqld] and [mysqldump], add the following configuration information:
Ssl
Restart MySQL after saving and login to MySQL again
Mysql-uroot-p
mysql> Show variables like '%ssl% ';
+---------------+-------+
| variable_name | Value |
+---------------+-------+
| have_openssl | YES |
| Have_ssl | YES | | ssl_ca | | | ssl_capath | | |
ssl_ cipher | | | |
ss
to the database.
3. Configure WordPress
Access to WP directory
# cd/web/vhosts/wp
Copy a profile and rename it to the standard name of the configuration file
# CP wp-config-sample.php wp-config.php
Edit configuration file
# vim/web/vhosts/wp/wp-config.php
Modify the corresponding value.
Access to wp.buybybuy.com and dz.buybybuy.com displays the installation interface. Use the previously set parameters for installation.
Eight, configure HTTPS for pma.buybybuy.com
1. Make sur
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.