第一步:设置虚拟主机

 首先在/

监听两个端口,用于开启两个页面;

 Listen  172.16.249.139:80

  Listen  172.16.249.139:80

将主路径取消

 #DocumentRoot "/var/www/html"

设置虚拟主机以及IP

 NameVirtualHost 172.16.249.139:80

设置两个虚拟主机

<VirtualHost *:80>

    ServerAdmin webadmin@a.com

    DocumentRoot /vhost/a.com/htdoc/

    ServerName www.a.com

    ErrorLog logs/www.a.com-error_log

    CustomLog logs/www.a.com-access_log combined

</VirtualHost>


<VirtualHost *:80>

    ServerAdmin webadmin@b.tv

    DocumentRoot /vhost/b.tv/htdoc/

    ServerName www.b.tv

    ErrorLog logs/www.b.tv-error_log

    CustomLog logs/www.b.tv-access_log combined

</VirtualHost>

然后创建两个虚拟主机的路径/vhost/a.com/htdoc/和/vhost/b.tv/htdoc/,在两个路径下可以分别写一个index.html的测试页面。任何重启服务service httpd restart.

 这样虚拟主机就设置完成。可以在浏览器中输入172.16.249.139和172.16.249.139:8080这样就可以看到两个页面。


第二步

  下载wordpress-3.3.1-zh_CN.zip至/vhost/a.com/htdoc/,然后解压,得到wordpress目录,将目录下的cp wp-config-sample.php wp-config.php

  编辑 vim wp-config.php 更改数据库名称以及用户和密码

  

/** WordPress 数据库的名称 */

define('DB_NAME', 'wordpress');


/** MySQL 数据库用户名 */

define('DB_USER', 'user1');


/** MySQL 数据库密码 */

define('DB_PASSWORD', 'user');

然后进入mysql,创建数据库以及账号密码的输入,如下图:

wKioL1VEkoSDeWSSAAKxUO12nOM921.jpg

然后成功登陆网页如下图:

wKiom1VEkengUw3zAAPr4X1nlgQ411.jpg

然后添加phpMYadmin于网页,首先下载lftp 172.16.0.1:/pub/Sources/sources/php> mget phpMyAdmin-4.0.5-all-languages.zip,放置于/vhost/b.tv/htdoc/目录下,unzip解压,由于文件名过长,我在这里用软链接:

[root@www htdoc]# ln -sv phpMyAdmin-4.0.5-all-languages/ pma

`pma' -> `phpMyAdmin-4.0.5-all-languages/'

登陆网页得到如下页面,还需要安装mbstring。

wKiom1VElHXT0AKKAADzzusNE0U134.jpg

安装yum install mbstring,重启服务service httpd restart后得到下面页面:

wKiom1VEmRTQxQo5AAFLzStuVqg396.jpg


第三步  建立openssl      
                             1、服务器生成私钥

cd /etc/pki/CA/

[root@localhost CA]# (umask 077; openssl genrsa -out private/cakey.pem 2028)

Generating RSA private key, 2028 bit long modulus

..............................+++

..............................................................+++

 

2、生成自签证书

[root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 10000

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [GB]:CN

State or Province Name (full name) [Berkshire]:HN

Locality Name (eg, city) [Newbury]:ZZ

Organization Name (eg, company) [My Company Ltd]:magedu.com   

Organizational Unit Name (eg, section) []:Ops

Common Name (eg, your name or your server's hostname) []:ca.magedu.com

Email Address []:

 

3、添加配置文件

[root@localhost CA]# touch index.txt

[root@localhost CA]# echo 01 > serial

 

4、在客户端生成私钥

[root@www ~]# cd /etc/httpd/

[root@www httpd]# mkdir ssl

[root@www httpd]# cd ssl/

[root@www ssl]# ls

[root@www ssl]# (umask 077; openssl genrsa -out httpds.key 1024)

Generating RSA private key, 1024 bit long modulus

.....................................................++++++

..........................++++++

e is 65537 (0x10001)

 

5、生成客户端证书签署请求

[root@www ssl]# openssl req -new -key httpds.key -out httpds.csr

 

6、发送至服务器端

[root@www ssl]# scp httpds.csr root@172.16.18.10:/tmp

 

7、在服务器端签发证书

openssl ca -in httpds.csr -out http.crt -days 1000

 

8、将签好的证书发还请求端

scp httpd.crt root@172.16.249.139:/etc/httpd/ssl

 

9、安装ssl的模块yum -y install mod_ssl

 

10、在/etc/httpd/conf.d下将配置文件ssl.conf复制一份,然后配置文件

wKioL1VE192gGmldAAArW0Ar5fo034.jpg

wKiom1VE1nGQiZdcAAH1VgJK3DM906.jpg

            11、openssl s_client -connect www.b.tv:443 -CAfile /tmp/cacert.pem

                通过这指令可以来测试是否有效。

            12、得到下面有效网页,如下图:

wKiom1VE1xXS_AGWAAFcecjhgYY220.jpg