Linux服务器---apache支持SSL
原创
©著作权归作者所有:来自51CTO博客作者一生有你llx的原创作品,请联系作者获取转载授权,否则将追究法律责任
Apache支持ssl
1、检测是否安装ssl模块,如果没有就安装
[root@localhost cgi-bin]# rpm -qa | grep mod_ssl //查看是否安装ssl模块 [root@localhost cgi-bin]# yum install -y mod_ssl //安装ssl Loaded plugins: fastestmirror, refresh-packagekit, security Loading mirror speeds from cached hostfile Complete! [root@localhost cgi-bin]#
|
2、修改ssl的配置文件“/etc/httpd/conf.d/ssl.conf”如下,开启ssl,设置监听端口
[root@localhost ~]# gedit /etc/httpd/conf.d/ssl.conf # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. LoadModule ssl_module modules/mod_ssl.so //开启ssl功能 # When we also provide SSL we have to listen to the # the HTTPS port in addition. Listen 443 //监听的端口
|
3、修改防火墙配置,开启对上面端口443的支持
1)在终端输入命令“setup”,在弹出的框中选择“防火墙”,接着选择“定制”
2)使用空格键选中”https“,接着选择“转发”
3)选择“添加“
4)添加端口443,协议tcp,然后确定
5)回到最初的界面,“确定”
6)重启防火墙
[root@localhost ~]# service iptables restart iptables:将链设置为政策 ACCEPT:filter nat [确定] iptables:清除防火墙规则: [确定] iptables:正在卸载模块: [确定] iptables:应用防火墙规则: [确定] [root@localhost ~]#
|
7)重启apache
[root@localhost ~]# service httpd restart 停止 httpd: [确定] 正在启动 httpd:httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName [确定] [root@localhost ~]#
|
4、测试
1)在浏览器输入https://127.0.0.1,注意必须是“https“ ,看到如下结果
2)选择“我已充分了解”,弹出如下对话框,选择“确认安全例外”就可以正常访问
做了一个Linux学习的平台,目前出来一个雏形,各位可以参考使用
链接:https://pan.baidu.com/s/1GOLVU2CbpBNGtunztVpaCQ 密码:n7bk
