1. enable the module ssl by:

sudo a2enmod ssl

2.after you have enabled module ssl , you will have to restart the web server for the change to be recognized:

sudo service apache2 restart

now ,the web server is able to handle ssl

3. create a directory to place the certificate files that will be maked:

sudo mkdir /etc/apache2/ssl

4.create our key and certificate

sudo openssl req -x509 -nodes -days  -newkey rsa: -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

let's go over what this means :

  • openssl: This is the basic command line tool provided by OpenSSL to create and manage certificates, keys, signing requests, etc.
  • req: This specifies a subcommand for X.509 certificate signing request (CSR) management. X.509 is a public key infrastructure standard that SSL adheres to for its key and certificate managment. Since we are wanting to create a new X.509 certificate, this is what we want.
  • -x509: This option specifies that we want to make a self-signed certificate file instead of generating a certificate request.
  • -nodes: This option tells OpenSSL that we do not wish to secure our key file with a passphrase. Having a password protected key file would get in the way of Apache starting automatically as we would have to enter the password every time the service restarts.
  • -days 365: This specifies that the certificate we are creating will be valid for one year.
  • -newkey rsa:2048: This option will create the certificate request and a new private key at the same time. This is necessary since we didn't create a private key in advance. The rsa:2048 tells OpenSSL to generate an RSA key that is 2048 bits long.
  • -keyout: This parameter names the output file for the private key file that is being created.
  • -out: This option names the output file for the certificate that we are generating.

  when you hit "ENTER" , you will be asked some questions , answer it ....

  then, the key and certificate will be created and placed in the /etc/apache2/ssl directory

  now ! ! ! ! ! ! ! ! ! !  ! we will configure apache to use ssl

  open the file with your editor

  

sudo vi /etc/apache2/site-available/default-ssl.conf

what we should modify is the content with red

<IfModule mod_ssl.c>
<VirtualHost _default_:>
ServerAdmin admin@example.com
ServerName your_domain.com
ServerAlias www.your_domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>

save and exit the file when you finished

then we enable it by:

sudo a2ensite default-ssl.conf

restart our web server

sudo service apache2 restart

now you can test it in your explorer

https://server_domain_name_or_IP:443

ubuntu apache2 https的更多相关文章

  1. ubuntu apache2 ssl配置

    Ubuntu下HTTPS配置非常简单,对大部分用户而言,使用普通的自签名证书,只需按照步骤进行就可以了,无需了解密钥.证书的更多知识,更深的背景 知识还有RSA算法.DES算法.X509规范.CA机构 ...

  2. Ubuntu下HTTPS配置

    Ubuntu下HTTPS配置非常简单,对大部分用户而言,使用普通的自签名证书,只需按照步骤进行就可以了,无需了解密钥.证书的更多知识,更深的背景知识还有RSA算法.DES算法.X509规范.CA机构. ...

  3. 转 - ubuntu apache2下目录结构

    ubuntu apache2下目录结构 原文:http://blog.csdn.net/jibcy/article/details/8060651 在Windows下,Apache的配置文件通常只有一 ...

  4. ubuntu apache2配置详解(含虚拟主机配置方法)

    ubuntu apache2配置详解(含虚拟主机配置方法) 在Windows下,Apache的配置文件通常只有一个,就是httpd.conf.但我在Ubuntu Linux上用apt-get inst ...

  5. ubuntu apache2下目录结构以及重写规则

    ubuntu apache2下目录结构 在Windows下,Apache的配置文件通常只有一个,就是httpd.conf.但我在Ubuntu Linux上用apt-get install apache ...

  6. ubuntu apache2 虚拟主机服务

    ubuntu apache2 虚拟主机服务 本次配置的是一个 ip 对应多个 虚拟主机 1:先检查 ubuntu server 是否已经安装了 apache2 web服务: apache2 -v 看到 ...

  7. 虚拟主机的搭建(ubuntu+apache2)

    搭建环境:windows+VMware(Ubuntu)+apache2.(同一IP,不同域名) 1:在VMware的虚拟机Ubuntu下安装apache2(怎么安装百度一下就能找到): 2: apac ...

  8. ubuntu+apache2设置访问、重定向到https

    环境:ubunt14裸机,apache2,php5 条件:证书(部分商家买域名送一年),域名,为了方便均在root用户下进行的 web目录:/var/www/test 证书目录(自建):/etc/ap ...

  9. ubuntu apache2 wsgi 部署django

    入题 分为如下几步 1.安装python 2.安装django 3.安装wsgi,如有问题请参照上一篇 ubuntu 编译安装 mod_wsgi 4.与apache集成这里主要讲这部分 环境apach ...

随机推荐

  1. bzoj 2093 [Poi2010]Frog——滑动窗口

    题目:https://www.lydsy.com/JudgeOnline/problem.php?id=2093 找第k近的可以用一个含k个元素的滑动窗口来实现. 卡空间也还行,但卡时间.不要预处理倍 ...

  2. HDU1698(线段树入门题)

    Just a Hook Time Limit:2000MS     Memory Limit:32768KB     64bit IO Format:%I64d & %I64u Descrip ...

  3. 【转】 Pro Android学习笔记(三九):Fragment(4):基础小例子-续

    目录(?)[-] Step 3实现简介显示类DetailFragment 创建实例 编写所需的生命周期代码 Step 4实现showDetailint index如何管理fragment fragme ...

  4. LVS实战1

    (一).NAT模式:NAT模型:地址转换类型,主要是做地址转换,类似于iptables的DNAT类型,它通过多目标地址转换,来实现负载均衡:特点和要求: 1.LVS(Director)上面需要双网卡: ...

  5. Java变量初始化的讲解

    首先需要说明的是Java中的变量分为两种:成员变量和局部变量 其中成员变量又可分为:实例变量(非静态变量)和类变量(静态变量) 局部变量(局部变量的作用时间很短,所以一般是存储在栈中的): 1.形参在 ...

  6. HTTP 的若干问题

    1  HTTP无状态协议和Connection:Keep-Alive容易犯的误区 HTTP无状态:无状态是指协议对于事务处理没有记忆能力,服务器不知道客户端是什么状态.从另一方面讲,打开一个服务器上的 ...

  7. u-boot向linux内核传递启动参数

    U-BOOT 在启动内核时,会向内核传递一些参数.BootLoader 可以通过两种方法传递参数给内核,一种是旧的参数结构方式(parameter_struct),主要是 2.6 之前的内核使用的方式 ...

  8. Python函数(十一)-生成器

    首先看一下什么是列表生成式 >>> [i*2 for i in range(10)] [0, 2, 4, 6, 8, 10, 12, 14, 16, 18] >>> ...

  9. [.net] 无法创建虚拟目录。已将URL“XXX”映射到IIS Express网站上的一个不同的文件夹

    工作时,在修改项目属性,Web中服务器时,出现了下面的错误: 各种折腾后,找到下面的解决方法: 1.找到项目在本地的目录,目录下有当前项目的项目文件,文件名以.csproj为后缀名. 2.用文本编辑软 ...

  10. 将List中部分字段转换为DataTable中

    由于原来方法导出数据量比较大 的时候,出现卡顿现象:搜索简单改造:(下面方法借助NPIO) /// <summary> /// 将List中原文和译文转换为Datatable /// &l ...