{"id":617,"date":"2014-07-27T09:00:16","date_gmt":"2014-07-27T01:00:16","guid":{"rendered":"http:\/\/www.yusian.com\/blog\/?p=617"},"modified":"2016-07-15T17:29:56","modified_gmt":"2016-07-15T09:29:56","slug":"%e8%ae%a9centos%e6%9c%8d%e5%8a%a1%e5%99%a8%e6%94%af%e6%8c%81https%ef%bc%88%e5%ae%89%e5%85%a8http%e5%8d%8f%e8%ae%ae","status":"publish","type":"post","link":"https:\/\/www.yusian.com\/blog\/centos\/2014\/07\/27\/090016617.html","title":{"rendered":"\u8ba9CentOS\u670d\u52a1\u5668\u652f\u6301https\uff08\u5b89\u5168http\u534f\u8bae)"},"content":{"rendered":"

1\u3001\u5b89\u88c5mod_ssl<\/strong><\/p>\n

\u901a\u8fc7yum\u6765\u5728\u7ebf\u5b89\u88c5mod_ssl
\n[root@Crayfish home]# yum -y install mod_ssl <\/span>? ???\u2190 \u5728\u7ebf\u5b89\u88c5mod_ssl
\nLoaded plugins: security
\nbase? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ? | 3.7 kB? ???00:00
\nepel? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ? | 4.4 kB? ???00:00
\nextras? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ???| 3.4 kB? ???00:00
\nupdates? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ? | 3.4 kB? ???00:00
\nSetting up Install Process
\nResolving Dependencies
\n–> Running transaction check
\n—> Package mod_ssl.x86_64 1:2.2.15-31.el6.centos will be installed
\n–> Finished Dependency Resolution<\/span><\/i><\/p>\n

Dependencies Resolved<\/p>\n

====================================================================================================
\nPackage? ?? ?? ?? ?Arch? ?? ?? ?? ???Version? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?Repository? ?? ?? ? Size
\n====================================================================================================
\nInstalling:
\nmod_ssl? ?? ?? ?? ?x86_64? ?? ?? ?? ?1:2.2.15-31.el6.centos? ?? ?? ?? ?? ?updates? ?? ?? ?? ? 91 k<\/p>\n

Transaction Summary
\n====================================================================================================
\nInstall? ?? ? 1 Package(s)<\/p>\n

Total download size: 91 k
\nInstalled size: 183 k
\nDownloading Packages:
\nmod_ssl-2.2.15-31.el6.centos.x86_64.rpm? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ???|??91 kB? ???00:00
\nRunning rpm_check_debug
\nRunning Transaction Test
\nTransaction Test Succeeded
\nRunning Transaction
\nInstalling : 1:mod_ssl-2.2.15-31.el6.centos.x86_64? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ???1\/1
\nVerifying??: 1:mod_ssl-2.2.15-31.el6.centos.x86_64? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ???1\/1<\/p>\n

Installed:
\nmod_ssl.x86_64 1:2.2.15-31.el6.centos<\/p>\n

Complete!<\/p>\n

2\u3001HTTP \u670d\u52a1\u5668\u4e0a\u914d\u7f6emod_ssl<\/strong><\/p>\n

[1] \u5efa\u7acb\u670d\u52a1\u5668\u5bc6\u94a5<\/strong><\/p>\n

[root@Crayfish home]#??cd \/etc\/pki\/tls\/certs\/<\/span>\u3000 \u2190 \u8fdb\u5165HTTP\u670d\u52a1\u5668\u914d\u7f6e\u6587\u4ef6\u6240\u5728\u76ee\u5f55
\n[root@Crayfish certs]#??make server.key<\/span>\u3000 \u2190 \u5efa\u7acb\u670d\u52a1\u5668\u5bc6\u94a5umask 77 ; \\<\/i><\/span>
\n? ?? ???\/usr\/bin\/openssl genrsa -aes128 2048 > server.key<\/i><\/span>
\nGenerating RSA private key, 2048 bit long modulus<\/i><\/span>
\n………………………………………………………………………………………………………………………………………………………………………………………………………….+++<\/i><\/span>
\n…………………………………………………………………………+++<\/i><\/span>
\ne is 65537 (0x10001)<\/i><\/span>
\nEnter pass phrase:\u3000? ?? ?? ?? ?? ?? ?? ?\u2190 \u5728\u8fd9\u91cc\u8f93\u5165\u53e3\u4ee4
\nVerifying – Enter pass phrase:\u3000??\u2190 \u786e\u8ba4\u53e3\u4ee4\uff0c\u518d\u6b21\u8f93\u5165
\n[root@Crayfish certs]# openssl rsa -in server.key -out server.key \u3000 \u2190 \u4ece\u5bc6\u94a5\u4e2d\u5220\u9664\u5bc6\u7801\uff08\u4ee5\u907f\u514d\u7cfb\u7edf\u542f\u52a8\u540e\u88ab\u8be2\u95ee\u53e3\u4ee4\uff09
\nEnter pass phrase for server.key:\u3000 \u2190 \u8f93\u5165\u53e3\u4ee4
\nwriting RSA key<\/span><\/i><\/p>\n

[2] \u5efa\u7acb\u670d\u52a1\u5668\u516c\u94a5<\/strong><\/p>\n

[root@Crayfish certs]# make server.csr<\/span>\u3000 \u2190 \u5efa\u7acb\u670d\u52a1\u5668\u5bc6\u94a5
\numask 77 ; \\
\n\/usr\/bin\/openssl req -utf8 -new -key server.key -out server.csr
\nYou are about to be asked to enter information that will be incorporated
\ninto your certificate request.
\nWhat you are about to enter is what is called a Distinguished Name or a DN.
\nThere are quite a few fields but you can leave some blank
\nFor some fields there will be a default value,
\nIf you enter ‘.’, the field will be left blank.
\n—–
\n<\/span><\/i>Country Name (2 letter code) [XX]:CN<\/span>\u3000 \u2190 \u8f93\u5165\u56fd\u540d
\nState or Province Name (full name) []:HuNan<\/span>\u3000 \u2190 \u8f93\u5165\u7701\u540d
\nLocality Name (eg, city) [Default City]:ChangSha<\/span>\u3000 \u2190 \u8f93\u5165\u57ce\u5e02\u540d
\nOrganization Name (eg, company) [Default Company Ltd]:www.example.com\u3000 \u2190 \u8f93\u5165\u7ec4\u7ec7\u540d\uff08\u4efb\u610f\uff09
\nOrganizational Unit Name (eg, section) []:\u3000 \u2190 \u4e0d\u8f93\u5165\uff0c\u76f4\u63a5\u56de\u8f66
\nCommon Name (eg, your name or your server’s hostname) []:www.example.com<\/span>\u3000 \u2190 \u8f93\u5165\u901a\u79f0\uff08\u4efb\u610f\uff09
\nEmail Address []:example@abc.com<\/span> \u3000 \u2190 \u8f93\u5165\u7535\u5b50\u90ae\u7bb1\u5730\u5740<\/p>\n

Please enter the following ‘extra’ attributes<\/i><\/span>
\nto be sent with your certificate request<\/i><\/span><\/p>\n

A challenge password []:\u3000 \u2190 \u4e0d\u8f93\u5165\uff0c\u76f4\u63a5\u56de\u8f66
\nAn optional company name []: \u3000 \u2190 \u4e0d\u8f93\u5165\uff0c\u76f4\u63a5\u56de\u8f66<\/p>\n

[3] \u5efa\u7acb\u670d\u52a1\u5668\u8bc1\u4e66<\/strong><\/p>\n

[root@Crayfish certs]#??openssl x509 -in server.csr -out server.pem -req -signkey server.key -days 365<\/span>\u3000 \u2190 \u5efa\u7acb\u670d\u52a1\u5668\u8bc1\u4e66<\/p>\n

Signature ok
\nsubject=\/C=CN\/ST=HuNan\/L=ChangSha\/O=www.example.com\/CN=www.example.com\/emailAddress=example@abc.com
\nGetting Private key<\/span><\/i>Signature ok
\n<\/span><\/i>
\n[root@Crayfish certs]#??chmod 400 server.*<\/span>? ? \u2190 \u4fee\u6539\u6743\u9650\u4e3a400<\/p>\n

[4] \u8bbe\u7f6eSSL<\/strong><\/p>\n

[root@Crayfish certs]#??vi \/etc\/httpd\/conf.d\/ssl.conf<\/span>\u3000 \u2190 \u4fee\u6539SSL\u7684\u8bbe\u7f6e\u6587\u4ef6
\n#DocumentRoot “\/var\/www\/html”\u3000 \u2190 \u627e\u5230\u8fd9\u4e00\u884c\uff0c\u5c06\u884c\u9996\u7684\u201c#\u201d\u53bb\u6389
\nDocumentRoot “\/var\/www\/html”<\/span>\u3000 \u2190 \u53d8\u4e3a\u6b64\u72b6\u6001<\/p>\n

[5] \u91cd\u65b0\u542f\u52a8HTTP\u670d\u52a1\uff0c\u8ba9SSL\u751f\u6548<\/strong>
\n[root@Crayfish certs]# service httpd restart<\/span>
\nStopping httpd:? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ???[??OK??]<\/i><\/span>
\nStarting httpd: httpd: apr_sockaddr_info_get() failed for Crayfish<\/i><\/span>
\nhttpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName<\/i><\/span>
\n? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ???[??OK??]<\/i><\/span>
\n[root@Crayfish conf.d]#<\/p>\n","protected":false},"excerpt":{"rendered":"

1\u3001\u5b89\u88c5mod_ssl \u901a\u8fc7yum\u6765\u5728\u7ebf\u5b89\u88c5mod_ssl [root@Crayfish home]# yum -y install mod_ssl ? ???\u2190 \u5728\u7ebf\u5b89\u88c5mod_ssl Loaded plugins: security base? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ? | 3.7 kB? ???00:00 epel? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[7],"class_list":["post-617","post","type-post","status-publish","format-standard","hentry","category-centos","tag-apache"],"_links":{"self":[{"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/posts\/617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/comments?post=617"}],"version-history":[{"count":0,"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/posts\/617\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/media?parent=617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/categories?post=617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yusian.com\/blog\/wp-json\/wp\/v2\/tags?post=617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}