js9905com金沙网站CentOS 7 自生成证书配置SSL WEB

CentOS 7 自生成证书配置SSL WEB

# 安装Apache [[email protected] ~]# yum -y install httpd mod_ssl # 添加防火墙规则 [[email protected] ~]# firewall-cmd --permanent --add-server=80/tcp[[email protected] ~]# firewall-cmd --permanent --add-server=443/tcp[[email protected] ~]# firewall-cmd --permanent --add-server=8080/tcp;firewall-cmd --reload [[email protected] ~]# systemctl restart httpd;systemctl enable httpd



# 配置selinux安全上下文[[email protected] ~]# semanaga port -a -t http_port_t {80,443,8080} [[email protected] ssl]# mkdir /etc/httpd/ssl;cd /etc/httpd/ssl 

#生成KEY
[[email protected] ssl]#openssl genrsa -des3 -out vqiu.cn.key 2048
#去密码
[[email protected] ssl]#openssl rsa -in vqiu.cn.key -out vqiu.cn.key#生成证书签发请求和证书密钥
[[email protected] ssl]#openssl req -new -nodes -key vqiu.cn.key -out vqiu.cn.csr
#通过csr生成一个证书,以vqiu.cn为例
[[email protected] ssl]#openssl x509 -req -days 3650 -in vqiu.cn.csr -signkey vqiu.cn.key -out vqiu.cn.crt
#生成crt之后,csr可以进行删除[可略过]
[[email protected] ssl]#rm vqiu.cn.csr -f

[[email protected] ssl]# cat /etc/httpd/conf.d/vqiu.cn.conf<IfModule mod_ssl.c>        Listen 443 https</IfModule><VirtualHost _default_:443>        ServerName server0.vqiu.cn        DocumentRoot /var/www/html        SSLEngine on        SSLProtocol all -SSLv2        SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5        SSLCertificateFile /etc/httpd/ssl/vqiu.cn.crt        SSLCertificateKeyFile /etc/httpd/ssl/vqiu.cn.key</VirtualHost># 生成一个测试页面[[email protected] ssl]# echo "test">/var/www/html/index.html # 重启httpd服务[[email protected] ssl]# systemctl restart httpd 

js9905com金沙网站 1

7 自生成证书配置SSL WEB # 安装Apache [[email protected] ~]# yum -y install httpd mod_ssl # 添加防火墙规则 [[email protected] ~]# firewall-cmd --permanent --add-server=...

本文由js9905com金沙网站-金沙澳门手机版网址发布于计算机,转载请注明出处:js9905com金沙网站CentOS 7 自生成证书配置SSL WEB

您可能还会对下面的文章感兴趣: