(1) Install mod_ssl

[root@nan83 html]# yum list|grep mod_ssl
mod_ssl.x86_64
[root@nan83 html]# yum install mod_ssl.x86_64

(2) Create the CA certificate

// Generate the RSA private key
[root@nan83 ~]# cd /etc/pki/tls/certs    -- where the key files are stored
[root@nan83 certs]# make beer.key    -- create the private key file used by Apache
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > beer.key    -- this is the command that actually runs
Generating RSA private key, 2048 bit long modulus
.........................................................+++
..................................................+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:

Or create it with the following command:
openssl genrsa -des3 -out beer.key 1024

// View the contents of beer.key
[root@nan83 certs]# openssl rsa -noout -text -in beer.key

(3) Remove the passphrase from the key file so that it is no longer passphrase-protected

[root@nan83 certs]# mv beer.key beer.key.raw
[root@nan83 certs]# openssl rsa -in beer.key.raw -out beer.key
Enter pass phrase for beer.key.raw:
writing RSA key
[root@nan83 certs]# rm -f beer.key.raw
[root@nan83 certs]# chmod 400 beer.key

(4) Create the final files that are needed

// Use the CA's RSA key to create a self-signed CA certificate
[root@nan83 certs]# make beer.crt SERIAL=2014030601
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key beer.key -x509 -days 365 -out beer.crt -set_serial 2014030601
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HeNan
Locality Name (eg, city) [Default City]:LuoYang
Organization Name (eg, company) [Default Company Ltd]:ShiWei
Organizational Unit Name (eg, section) []:RuanJian
Common Name (eg, your name or your server's hostname) []:Lsn
Email Address []:lisn@ssr.com
[root@nan83 certs]# chmod 400 beer*
[root@nan83 certs]# ll beer*
-r-------- 1 root root 1375 3月 6 09:16 beer.crt    -- the final certificate file
-r-------- 1 root root 1679 3月 6 09:09 beer.key    -- the system private key file

(5) Edit ssl.conf to use the self-made certificate

[root@nan83 certs]# vim /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/beer.crt
SSLCertificateKeyFile /etc/pki/tls/certs/beer.key

Test:
Enter "https://10.10.54.83" in the browser.
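
A pre-flight check for the two files that ssl.conf references in step (5), given here as an added example that is not part of the original post. The function names `make_demo_pair` and `check_pair` and the subject `/CN=demo.invalid` are assumptions made for the demonstration; the key and certificate it runs on are constructed in a temporary directory.

```shell
#!/bin/sh
# Added example, not from the original page. File names are passed as arguments.

# make_demo_pair DIR NAME: constructed test input, the non-interactive equivalent
# of steps (2)-(4): key without passphrase, self-signed certificate, chmod 400.
make_demo_pair() {
    ( umask 77
      openssl genrsa -out "$1/$2.key" 2048 2>/dev/null &&
      openssl req -utf8 -new -x509 -key "$1/$2.key" -days 365 \
          -subj "/CN=demo.invalid" -out "$1/$2.crt" 2>/dev/null ) &&
    chmod 400 "$1/$2.key" "$1/$2.crt"
}

# check_pair KEY CRT: prints "ok" or the first failing check; returns 0 only on "ok".
check_pair() {
    key=$1; crt=$2
    # Step (3): httpd can only start unattended if the key has no passphrase.
    if grep -Eq '^(-----BEGIN ENCRYPTED|Proc-Type: 4,ENCRYPTED)' "$key"; then
        echo "key-encrypted"; return 1
    fi
    # chmod 400: with the passphrase gone, the file mode is the key's only
    # protection, so group and other must have no permission bits at all.
    if [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
        echo "key-perms"; return 1
    fi
    # The certificate must contain the public half of this exact private key.
    key_pub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) ||
        { echo "key-unreadable"; return 1; }
    crt_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) ||
        { echo "crt-unreadable"; return 1; }
    [ "$key_pub" = "$crt_pub" ] || { echo "mismatch"; return 1; }
    # -days 365: the certificate stops being valid one year after creation.
    openssl x509 -in "$crt" -noout -checkend 0 >/dev/null ||
        { echo "expired"; return 1; }
    echo "ok"
}

# Demo on constructed files in a temporary directory.
demo_dir=$(mktemp -d)
make_demo_pair "$demo_dir" demo
check_pair "$demo_dir/demo.key" "$demo_dir/demo.crt"
rm -rf "$demo_dir"
```

On the server from the walkthrough the call would be `check_pair /etc/pki/tls/certs/beer.key /etc/pki/tls/certs/beer.crt`, run before restarting httpd.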