rhel5.5_Apache配置openssl支持https服务
来源:互联网 发布:怎么看淘宝客昵称 编辑:程序博客网 时间:2024/05/18 02:27
《rhel5.5_Apache配置openssl支持https服务》
1:切换到openssl证书目录:
# cd /etc/pki/tls/certs
2:创建私钥:
# make server.key
umask 77 ; \
/usr/bin/openssl genrsa -des3 1024 > server.key
Generating RSA private key, 1024 bit long modulus
.++++++
...++++++
e is 65537 (0x10001)
Enter pass phrase: 123456
Verifying - Enter pass phrase: 123456
3:重写私钥,清除密码,让httpd启动时不必输入密码
# openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: 123456
writing RSA key
4:证书签发请求(Certificate Signing Request) (CSR)
# make server.csr
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key server.key -out server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ’.’, the field will be left blank.
-----
Country Name (2 letter code) [GB]:cn
State or Province Name (full name) [Berkshire]:fujian
Locality Name (eg, city) [Newbury]:xiamen
Organization Name (eg, company) [My Company Ltd]:xmu
Organizational Unit Name (eg, section) []:eda
Common Name (eg, your name or your server’s hostname) []:192.168.1.105 (注: 此处应与httpd.conf中的ServerName一致, 否则提示证书错误)
Email Address []:clough@eda.com
Please enter the following ’extra’ attributes
to be sent with your certificate request
A challenge password []:cliff
An optional company name []:xmu
5:给自己创建CA并签名
# openssl x509 -in server.csr -req -signkey server.key -days 365 -out server.crt
Signature ok
subject=/C=cn/ST=fujian/L=xiamen/O=lexie/OU=lexie/CN=192.168.1.105/emailAddress=clough@sohu.com
Getting Private key
6:调整/etc/httpd/conf.d/ssl.conf正确引用上面创建的证书。
# vi /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/certs/server.key
7: 启动服务
# service httpd restart
8: 如此尚不能同时支持http和https, 待补充.
- rhel5.5_Apache配置openssl支持https服务
- 安装基于openssl的https服务配置
- 基于openssl的https服务的配置
- Rhel5 配置NTP服务
- Libcurl中配置openssl使其支持https
- Nginx + Tomcat + Openssl 配置https的web服务
- 用OpenSSL配置HTTPS
- openssl + tomcat 配置https
- RHEL5中配置DHCP服务
- RHEL5中配置NIS服务
- RHEL5 telnet服务 安装配置
- RHEL5.4配置NFS服务
- RHEL5中配置NIS服务
- 配置OC4J 10以支持https服务 以下是配置OC4J 10以支持https服务的过程
- openssl命令生成公私钥、证书方法,apache/tomcat支持https的证书配置
- RHEL5.5安装中文支持
- rhel5.5配置yum
- Linux系统下Apache+OpenSSL源码安装并配置https服务
- 深入理解javascript中的闭包
- 程序员技术练级攻略
- 初始化速度的效率比拼
- 基本概念
- dedecms专题文章列表的模板修改
- rhel5.5_Apache配置openssl支持https服务
- foj1080奇怪的数列 foj2030括号匹配
- Android开源项目
- oracle索引的维护方法
- 让swing正确显示gif图片
- 试用谷歌和百度图片识别技术
- ORA-12514 TNS 监听程序当前无法识别连接描述符中请求服务 的解决方法
- webservice初次相识之薄纱美人
- Java关键字final、static,抽象类,接口使用总结收藏