|
|
apache httpd 服务添加ssl 443端口https 协议,并且http强制调转到https协议方法" f2 e; [8 T1 w& A c# z4 R
# ^. c6 s4 P: b$ m, n
1、安装httpd服务 略1 A' C9 x7 _1 K7 k: o8 _( s
* F9 c# k7 u) M1 T2、在httpd配置文件中添加下列参数:
1 q% ^5 |' I6 [' l- D8 x<VirtualHost *:80>) h+ i$ T1 v& V4 \0 G) {$ b
RewriteEngine on- q. o# e) b, e# u8 K
RewriteCond %{SERVER_PORT} !^443$
) }! e( J5 y: p, n$ a6 H6 [ RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]( J! X% v, N1 |- F
</VirtualHost>. k- V# w3 l Y* X2 A) u
/ P8 l6 O5 l% B/ D9 k" Q" V
+ ~5 ~; ?1 q3 `/ K3、在conf.d目录下创建extra文件夹;4 o& g, B0 a5 M
mkdir extra % u: R- X0 n! Q+ K
添加httpd-ssl.conf文件
, s% X) s( C, C<VirtualHost *:443>
3 W/ U, y% a. M% T& i9 u9 `1 { ServerName localhost
* V4 A3 c7 l& @& [ L/ e+ Y7 N DocumentRoot /var/www/html ) _7 H7 m4 n# a5 ?0 c% s
SSLEngine on
1 R, c# b4 M c' w, a8 S SSLProtocol all -SSLv2 -SSLv3
1 Y9 W6 e9 t/ ^6 c, ? \' t; \/ o SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
8 H2 N7 P9 e: T+ D; y$ M SSLHonorCipherOrder on; t, S$ n- t7 J7 ?! s* U
SSLCertificateFile cert/com.crt) t4 j& l' d: Q) j+ T2 r+ C, Y' c. [
SSLCertificateKeyFile cert/com.key
. W7 V% l+ c6 S$ W& O2 R; O/ R SSLCertificateChainFile cert/com.crt0 \% Y) m M1 k8 A. ?0 x4 |* ~
</VirtualHost> @* D' |7 J- _8 Q3 \
- U" A3 S/ q) C* P% W% U+ ?
9 z/ L5 T a! o' X) u* ^& h
1 h& W# e- M3 \. p4、检查ssl证书和解密的文件:' r6 f8 C! R3 f# |, G
创建目录:mkdir cert % ?1 _4 }) b1 b) x- j0 `0 L; u
放入文件。2 H, g( e+ z, i5 _% q7 H
0 q, S2 p6 \9 E
& F& P) S0 |8 {+ l# t" |
重启httpd服务,即可。: h$ |* b# o, V+ U! L2 G! D
9 m3 C2 M+ `$ z7 K& } |
|
发表于 2024-1-12 15:00:00