ubuntu apache2 https
1. enable the module ssl by:
sudo a2enmod ssl
2.after you have enabled module ssl , you will have to restart the web server for the change to be recognized:
sudo service apache2 restart
now ,the web server is able to handle ssl
3. create a directory to place the certificate files that will be maked:
sudo mkdir /etc/apache2/ssl
4.create our key and certificate
sudo openssl req -x509 -nodes -days -newkey rsa: -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
let's go over what this means :
- openssl: This is the basic command line tool provided by OpenSSL to create and manage certificates, keys, signing requests, etc.
- req: This specifies a subcommand for X.509 certificate signing request (CSR) management. X.509 is a public key infrastructure standard that SSL adheres to for its key and certificate managment. Since we are wanting to create a new X.509 certificate, this is what we want.
- -x509: This option specifies that we want to make a self-signed certificate file instead of generating a certificate request.
- -nodes: This option tells OpenSSL that we do not wish to secure our key file with a passphrase. Having a password protected key file would get in the way of Apache starting automatically as we would have to enter the password every time the service restarts.
- -days 365: This specifies that the certificate we are creating will be valid for one year.
- -newkey rsa:2048: This option will create the certificate request and a new private key at the same time. This is necessary since we didn't create a private key in advance. The
rsa:2048
tells OpenSSL to generate an RSA key that is 2048 bits long. - -keyout: This parameter names the output file for the private key file that is being created.
- -out: This option names the output file for the certificate that we are generating.
when you hit "ENTER" , you will be asked some questions , answer it ....
then, the key and certificate will be created and placed in the /etc/apache2/ssl directory
now ! ! ! ! ! ! ! ! ! ! ! we will configure apache to use ssl
open the file with your editor
sudo vi /etc/apache2/site-available/default-ssl.conf
what we should modify is the content with red
<IfModule mod_ssl.c>
<VirtualHost _default_:>
ServerAdmin admin@example.com
ServerName your_domain.com
ServerAlias www.your_domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
save and exit the file when you finished
then we enable it by:
sudo a2ensite default-ssl.conf
restart our web server
sudo service apache2 restart
now you can test it in your explorer
https://server_domain_name_or_IP:443
ubuntu apache2 https的更多相关文章
- ubuntu apache2 ssl配置
Ubuntu下HTTPS配置非常简单,对大部分用户而言,使用普通的自签名证书,只需按照步骤进行就可以了,无需了解密钥.证书的更多知识,更深的背景 知识还有RSA算法.DES算法.X509规范.CA机构 ...
- Ubuntu下HTTPS配置
Ubuntu下HTTPS配置非常简单,对大部分用户而言,使用普通的自签名证书,只需按照步骤进行就可以了,无需了解密钥.证书的更多知识,更深的背景知识还有RSA算法.DES算法.X509规范.CA机构. ...
- 转 - ubuntu apache2下目录结构
ubuntu apache2下目录结构 原文:http://blog.csdn.net/jibcy/article/details/8060651 在Windows下,Apache的配置文件通常只有一 ...
- ubuntu apache2配置详解(含虚拟主机配置方法)
ubuntu apache2配置详解(含虚拟主机配置方法) 在Windows下,Apache的配置文件通常只有一个,就是httpd.conf.但我在Ubuntu Linux上用apt-get inst ...
- ubuntu apache2下目录结构以及重写规则
ubuntu apache2下目录结构 在Windows下,Apache的配置文件通常只有一个,就是httpd.conf.但我在Ubuntu Linux上用apt-get install apache ...
- ubuntu apache2 虚拟主机服务
ubuntu apache2 虚拟主机服务 本次配置的是一个 ip 对应多个 虚拟主机 1:先检查 ubuntu server 是否已经安装了 apache2 web服务: apache2 -v 看到 ...
- 虚拟主机的搭建(ubuntu+apache2)
搭建环境:windows+VMware(Ubuntu)+apache2.(同一IP,不同域名) 1:在VMware的虚拟机Ubuntu下安装apache2(怎么安装百度一下就能找到): 2: apac ...
- ubuntu+apache2设置访问、重定向到https
环境:ubunt14裸机,apache2,php5 条件:证书(部分商家买域名送一年),域名,为了方便均在root用户下进行的 web目录:/var/www/test 证书目录(自建):/etc/ap ...
- ubuntu apache2 wsgi 部署django
入题 分为如下几步 1.安装python 2.安装django 3.安装wsgi,如有问题请参照上一篇 ubuntu 编译安装 mod_wsgi 4.与apache集成这里主要讲这部分 环境apach ...
随机推荐
- 洛谷 2312 / bzoj 3751 解方程——取模
题目:https://www.luogu.org/problemnew/show/P2312 https://www.lydsy.com/JudgeOnline/problem.php?id=3751 ...
- JQUERYUI 框架 http://jqueryui.com/
http://jqueryui.com/
- node.js的国内源
node.js在使用npm安装包是,由于源是国外的,有可能会被GFW屏蔽. 通过下面的方法可以把源指向国内的. 具体方法如下: 编辑 ~/.npmrc 加入下面内容 registry = http:/ ...
- 2006浙大火星A+B
题目描述: 读入两个不超过25位的火星正整数A和B,计算A+B.需要注意的是:在火星上,整数不是单一进制的,第n位的进制就是第n个素数.例如:地球上的10进制数2,在火星上记为“1,0”,因为 ...
- mybatis 学习一 总体概述
mybatis使用起来不复杂,大体上来说,就是将db连接信息,所有的sql语句信息,都放到配置文件里面,然后去读配置信息,根据db信息,创建好session工厂,然后拿到sqlsession回话之后, ...
- LaTeX技巧203:如何实现等号对齐_LaTeX_Fun_新浪博客
LaTeX技巧203:如何实现等号对齐_LaTeX_Fun_新浪博客 我们在进行公式的输入排版的时候,通常希望公式比较齐整,所以需要一些等号对齐,或者左对齐,关于公式的左对齐前文已经介绍了方法.htt ...
- ssh的两种连接方法(包括无密码访问)
一.正常连接方法:ssh root@10.0.0.20 二.无密码连接方法(有两台机器:此处我把被连接的称为服务器,另一台则称为客户端): 1.先在服务器添加目录 .ssh: mkdir .ssh ...
- 服务器环境迁移,Linux centos7 64位 基础环境部署 jdk+tomcat+mysql+nginx
最近阿里云服务器到期,这个周末连夜将服务器迁移到美国去了,为什么迁移到美国去呢?主要是因为阿里云服务器费用高,另外网站的访问量不大,对网速要求也不高,主要是宣传和信息传递的作用,加上本人之前在***上 ...
- miRNA
MicroRNA (miRNA) 是一类内生的.长度约为20-24个核苷酸的小 RNA,其在细胞内具有多种重要的调节作用.每个 miRNA 可以有多个靶基因的表达,而几个 miRNA 也可以调节同一 ...
- 如何使用visual studio 2017创建C语言项目
使用visual studio 2017创建一个C语言项目,步骤如下: (1)打开Visual Studio 2017环境后出现欢迎界面,如图1所示. 图1 Visual Studio 2017欢迎 ...