apache、nginx配置自签名证书

一、apache：

2. 安装apache、ssl、opensslyum -y install httpd httpd-pear mod_ssl openssl
3. 生成证书文件openssl genrsa -out server.key 2048openssl req -new -key server.key -out server.crt
   此步骤需要输入一些证书信息：（如果不想输入，也可一路回车）
   Country Name (2 letter code) [XX]:CNState or Province Name (full name) []:shanghai Locality Name (eg, city) [Default City]:shanghai Organization Name (eg, company) [Default Company Ltd]:ccc Organizational Unit Name (eg, section) []:bbb Common Name (eg, your name or your server's hostname) []:www.test.com Email Address []:a@a.com
4. 移到证书文件到apache配置目录下mv {server.key,server.crt} /etc/httpd/conf/
5. 修改nginx配置文件：vim /etc/httpd/conf/httpd.conf
   
   修改为刚才生成证书文件的路径
6. 测试：
   
   二、nginx：
7. 生成私钥文件：openssl genrsa -des3 -out server.key 2048
8. 去除口令：mv server.key server.key.backopenssl rsa -in server.key.back -out server.key
9. 创建请求证书：openssl req -new -key server.key -out server.csr
10. 生成证书文件：openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
11. 修改nginx配置文件：ssl on;ssl_certificate /etc/nginx/server.crt; ssl_certificate_key /etc/nginx/server.key;
    
12. 测试：