|
|
apache httpd 服务添加ssl 443端口https 协议,并且http强制调转到https协议方法
' k8 }. m; A! R9 W5 f1 J: ]
- f* F A) a, i; O1、安装httpd服务 略3 [/ B. n8 c6 z% t
: Z; o% i- I# S( o1 x4 q' A& c
2、在httpd配置文件中添加下列参数:
# |: m+ Y/ s" r8 u) t9 ]& z8 X6 r4 T/ S<VirtualHost *:80>7 a% n- _& K: X. J* p4 U+ |6 P/ A
RewriteEngine on
) h/ m1 G5 v4 b* A. f0 ^& r' ~+ \5 M RewriteCond %{SERVER_PORT} !^443$+ F# @' A( d, R, O& p7 E+ \
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
, W/ v( [- z0 n; j; ^3 E</VirtualHost>5 r. x& j( |' {- s7 n# ?5 Q
# \7 B6 V- a0 Q! B. ~" E% C! ~2 V4 m; q, p' E! k& _
3、在conf.d目录下创建extra文件夹;& O" D& r" V6 @! S I+ w
mkdir extra
. {" E* F8 Y# A, g, r# f% u添加httpd-ssl.conf文件; ]6 V' p9 h8 \! Q) _
<VirtualHost *:443> 9 m4 G: ^. s9 r8 t
ServerName localhost
# A. }& s3 Q- K! t( j( k& X DocumentRoot /var/www/html
# M- s8 r5 X/ r( D: K SSLEngine on 8 N* {, Y) E+ B8 o7 P5 \
SSLProtocol all -SSLv2 -SSLv3
' @% S/ ^; M8 ~( U7 Q SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
3 H' I1 C; z- ?. Y0 P: M( f SSLHonorCipherOrder on( G' h6 T4 R2 s1 T' c
SSLCertificateFile cert/com.crt
7 ]7 U$ D+ T0 S1 x5 }, y0 h# ^ SSLCertificateKeyFile cert/com.key; s0 \# e2 G# T, t
SSLCertificateChainFile cert/com.crt1 l( g _5 W7 q% f- n
</VirtualHost> A" `' |& W6 n1 L
1 B* ~ g' E' j) E' ^" ~" C2 ]/ t0 \1 | ^, C* K: O- m, r
+ F' l. x, j) `! t9 q0 U
4、检查ssl证书和解密的文件:4 H: u# O- W, b7 S
创建目录:mkdir cert
4 }: Q7 a8 Q0 }0 ?' T放入文件。
$ q# s4 v! i4 z) q- m2 s* ?- ^$ \" A( w; G
& L) G. M) b8 A7 d# i+ p2 R重启httpd服务,即可。2 P% f0 e3 g3 O, f9 Q
7 V. I3 K8 |- c& | |
|
发表于 2024-1-12 15:00:00