jopa

CentOS7下Apache2.4.6证书安装及HTTP跳转HTTPS
先申请证书,参考博客:1.安装apacheyum install -y httpd 2.接下来我们要为apache...
扫描右侧二维码阅读全文
07
2018/02

CentOS7下Apache2.4.6证书安装及HTTP跳转HTTPS

先申请证书,参考博客:

1.安装apache

yum install -y httpd

2.接下来我们要为apache启用ssl,首先我们需要为Apache安装mod_ssl模块提供TLS/SSL功能:
https是通过mod_ssl实现的,因此检查并安装mod_ssl:

[root@host ~]# ls /etc/httpd/modules/ | grep "mod_ssl" #默认没有安装mod_ssl
[root@host ~]# yum list all mod_ssl  #查看mod_ssl的安装包信息
[root@host ~]# yum install -y mod_ssl  #安装mod_ssl

检查mod_ssl是安装结果

[root@host ~]# rpm -qc mod_ssl
/etc/httpd/conf.d/ssl.conf     #mod_ssl的配置文件存放位置
/etc/httpd/conf.modules.d/00-ssl.conf    

3.在Apache的安装目录新建ssl文件夹

mkdir /etc/httpd/conf/ssl

4.将申请的证书上传到ssl目录中
请输入图片描述

进入到/etc/httpd/conf.d目录编辑ssl配置文件

vim /etc/httpd/conf.d/ssl.conf #编辑SSL配置文件

pem文件及key文件的路径,根据自己的真实环境来定义

#   Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate.  If
# the certificate is encrypted, then you will be prompted for a
# pass phrase.  Note that a kill -HUP will prompt again.  A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/httpd/conf/ssl/full_chain.pem

#   Server Private Key:
#   If the key is not combined with the certificate, use this
#   directive to point at the key file.  Keep in mind that if
#   you've both a RSA and a DSA private key you can configure
#   both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/httpd/conf/ssl/private.key

配置完成后,重启Apache便可通过thhps访问了

设置自动将http跳转到https
1.修改Apache的配置文件

vim /etc/httpd/conf/httpd.conf

AllowOverride All #这里原先是None要改为All

2.在网站根目录下创建.htaccess文件,在最下面添加写入如下语句:

RewriteEngine on
RewriteBase / 
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

重启Apache即可

最后修改:2018 年 05 月 04 日 01 : 52 PM
如果觉得我的文章对你有用,请随意赞赏

发表评论