本文详细介绍了在服务器上部署HTTPS的过程,包括必要的软件安装、证书下载、配置文件修改等关键步骤,确保网站安全传输。
准备
确保服务器安装了openssl和openssl-devel,httpd-devel,没有安装的话用yum安装一下
yum install openssl;
yum install openssl-devel;
yum install httpd-devel;
阿里云控制台下载证书
申请通过之后,签发了证书,我们就去控制台下载,下载Apache版本的证书就好了
下载后文件如下:
将证书文件导入到服务器
将xxxxx_chain.crt文件与xxxxx_public.crt 文件放入/etc/pki/tls/certs中
将xxxxx.key文件放入/etc/pki/tls/private中
修改ssl.conf
进入httpd中的conf.d文件夹中查看是否有ssl.conf,若无则执行 yum install mod_ssl openssl,完成之后进入httpd的conf.d文件中新增一个文件ssl.conf。(建议修改前做好备份)
文字如下
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateFile /etc/pki/tls/certs/2981799_www.xiaowojiaju.online_public.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateKeyFile /etc/pki/tls/private/2981799_www.xiaowojiaju.online.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
SSLCertificateChainFile /etc/pki/tls/certs/2981799_www.xiaowojiaju.online_chain.crt
配置vhost.conf
<VirtualHost *:80>
DocumentRoot "/home/maokun/website"
ServerName www.xiaowojiaju.online
DirectoryIndex index.php
<Directory "/home/maokun/website">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog /home/maokun/website/project-error_log
CustomLog /home/maokun/website/project-access_log common
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ServerName www.xiaowojiaju.online
DocumentRoot "/home/maokun/website"
<Directory "/home/maokun/website">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLCertificateFile /etc/pki/tls/certs/2981799_www.xiaowojiaju.online_public.crt
SSLCertificateKeyFile /etc/pki/tls/private/2981799_www.xiaowojiaju.online.key
SSLCertificateChainFile /etc/pki/tls/certs/2981799_www.xiaowojiaju.online_chain.crt
</VirtualHost>
注意:
-
当替换https后项目报错404需要看下vhost.conf中有无配置上述文字中的
<VirtualHost *:443>
xxxx
</ VirtualHost> -
当替换https后项目报错404需要看下vhost.conf中有无配置上述文字中的
<VirtualHost *:443>
xxxxx
<Directory “/home/maokun/website”>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</ Directory>
xxxxx
</ VirtualHost>
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
