内网合规证书https显示不安全问题解决故障现象:https页面显示不安全注:证书是合法且在有效期内的,使用nginx实现分析:1、 根源在于公司内网不联网,不能联网进行根证书认证2、 已确认公司内网已通过AD组策略推过root证书3、 AD管理员建议可能server上也需要添加root证书解决:将中间链证书内容复制粘贴到crt证书里,reload nginx解决再次访问已显示安全
Ubuntu18.04通过heartbeat实现HA:节点1(10.0.0.2):安装:apt-get install heartbeatcp -rv /usr/share/doc/heartbeat/authkeys /etc/ha.d/cp -rv /usr/share/doc/heartbeat/ha.cf.gz /etc/ha.d/cp -rv /usr/share/doc/heartbe
haproxy+keepalived实现高可用负载均衡:注:1、vip:10.0.0.52、10.0.0.11、10.0.0.12为后台webip3、server1、server2为haproxyipserver1:apt-getinstallhaproxyapt-getinstallkeepalivedvi/etc/haproxygloballog/dev/loglocal0log/dev/lo
CentOS7配置tomcathttps并改端口为443:安装tomcat:yuminstalltomcat(默认为tomcat7)配置tomcat证书(有公司httpskey、crt文件情况):opensslpkcs12-export-inming.crt-inkeyming.key-outming.p12-certfilegd_bundle-g2-g1.crt设置密码keytool-impor
HAProxy使用source模式做负载均衡:注:source模式为根据源IP分配后端服务器(为固定访问模式),有助于保持sessionvi/etc/haproxy/haproxy.cfgoptionhttplogoptionforwardforexcept127.0.0.0/8listenadmin_statsbind*:8888optionhttplogstatsrefresh30sstats
HAProxyhttp和https都使用modetcp模式:注:modetcp为4层,modehttp为7层vi/etc/haproxy/haproxy.cfgoptionhttplogoptionforwardforexcept127.0.0.0/8listenadmin_statsbind*:8888optionhttplogstatsrefresh30sstatsuri/haproxy?st
HAProxy同时对80和443做负载均衡:注:1、该操作依据Redhat/CentOS6系统2、https使用modetcp(不需要配置crt,使用实际web的crt)3、需注掉optionhttplog和optionforwardforexcept127.0.0.0/8vi/etc/haproxy/haproxy.cfgoptionhttplogoptionforwardforexcept12
通过HAProxy实现负载均衡:注:该操作依据Redhat/CentOS6系统yuminstallhaproxyservicehaproxystartchkconfig--level35haproxyonvi/etc/haproxy/haproxy.cfgfrontendmain*:80default_backendappbackendappbalanceroundrobinserverapp11
nginx80和443同时做负载均衡:vi/etc/nginx/conf.d/default.confupstreambugqa.ming.com{server10.0.0.3:80;server10.0.0.4:80;}server{listen80;location/{proxy_passhttp://bugqa.ming.com;proxy_set_headerHost$host;proxy
Ubuntu配置tomcat443(https):生成.keystore文件:keytool-genkey-aliastomcat-keyalgRSAEnterkeystorepassword:Re-enternewpassword:Whatisyourfirstandlastname?Whatisthenameofyourorganizationalunit?Whatisthenameofyou
Ubuntu搭建bugzilla:apt-getinstallapache2apt-getinstalllibapache2-mod-perl2a2enmodcgiapt-getinstallgccapt-getinstallmysql-server(中间会让设置mysql的root密码)mysql-uroot-p'xxxxx'createdatabasebugzilladefau
Ubuntu将tomcat7端口改为81:apt-getinstallauthbindvi/etc/default/tomcat7AUTHBIND=yes(默认为#AUTHBIND=no):wqvi/var/lib/tomcat7/conf/server.xml(默认为8080)<Connectorport="81"protocol="HTTP/1.1"
rabbitmq使用:安装:apt-getinstallrabbitmq-server启用页面访问:rabbitmq-pluginsenablerabbitmq_management访问:http://ip:15672默认用户密码均为guest,不过只能通过localhost登录用户:创建用户命令:rabbitmqctladd_useraaxxxx删除用户:rabbitmqctldelete_us
linux生成https的key和csr文件:# openssl genrsa -des3 -out aa.key 1024 (会提示设置密码)去除密码(不想去可不执行):# openssl rsa -in aa.key -out bugzilla.key生成.csr文件:# openssl req -new -key aa.key -out aa.csr中间除hostnam
gerrit web搭建手册安装openjdk 7# apt-get install openjdk-7-jdk 安装apache2# apt-get install apache2 安装PostgreSQL数据库# apt-get install postgresql# passwd postgres (修改postgres密码,默认为:postgres
apache安装webalizer步骤以Redhat为例:# yum install webalizer (搭建本地yum源略)# vi /etc/webalizer.conf (确保下面两行没问题)按a或i进入编辑模式LogFile /var/log/httpd/access_logOutputDir
Tomcat 安装webalizer(可以统计tomcat web的访问情况)安装tomcat7 略# apt-get install webalizer修改tomcat log格式# vi /var/lib/tomcat7/conf/server.conf (加上rotatable="false",在该文件最后) <Valve className="org.apach
Redhat 搭建bugzilla步骤:搭建本地yum(步骤略)# yum install httpd# yum install mod_perl# yum install perl-LDAP# yum install gcc# service httpd start# yum install mysql-server# service mysqld start# mysql -u root &n
Ubuntu搭建trac平台步骤:注:如果不用mysql模式,mysql相关均可不装# apt-get install apache2# apt-get install libapache2-mod-python# apt-get install libapache2-mod-authnz-external # a2enmod authnz_ldap# apt-get install m
Ubuntu搭建https步骤:# apt-get install apache2# apt-get install ssl-cert# apt-get install openssl开启SSL模块# a2enmod ssl# ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/
Ubuntu 修改tomcat端口# vi /etc/default/tomcat6按a进入编辑模式AUTHBIND=yes (默认为#AUTHBIND=no)按Esc键退出编辑模式:wq (保存并退出)然后再修改tomcat端口# vi /etc/tomcat6/server.xml按a进入编辑模式 <Connector port="80" protoc
Ubuntu 搭建LAMP平台$ sudo apt-get install apache2 $ sudo apt-get install mysql-server-5.5 (root密码随意,如:123456)$ sudo apt-get install php5 $ sudo apt-get install libapache2-mod-php5 (
禁用tomcat6的webdav模块:说明:开启webdav模块后可通过命令行或客户端对web进行在线上传、下载、修改、删除等操作,如控制不好会带来安全隐患# vi /var/lib/tomcat6/conf/web.conf (在<web-app 下添加)按a或i进入编辑模式 <security-constraint><we
Ubuntu 上ipvsadm负载均衡(DR模式,以80端口为例)说明:3台服务器,ip分别为:10.0.1.2 10.0.1.3 10.0.1.4 虚拟ip:10.0.1.10ipvsadm服务器(10.0.1.2)$ sudo apt-get install ipvsadm$ sudo ifconfig eth0:0 10.0.1.10 netmask 25
varnish(未成)
keepalived+haproxy
keepalived(热备份)
haproxy(简称HA)
https搭建(openssl)
web负载均衡(ipvsadm)(未成)
Copyright © 2005-2024 51CTO.COM 版权所有 京ICP证060544号