apache配置ssl访问

linux
,

apache配置ssl的大致方法如下,具体的根据实际情况进行修改,仅供参考

修改httpd.conf的配置文件

1
2
3
4
5
6
7
vim $Apache_path/conf/httpd.conf
#将以下两行的"#"注释去掉
#Include conf/extra/httpd-vhosts.conf
#Include conf/extra/httpd-ssl.conf
修改后:
Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-ssl.conf

配置虚拟主机文件

1
2
3
vim  $Apache_path/conf/httpd-ssl.conf(修改证书文件存放目录)
SSLCertificateFile "$Apache\_path/conf/ssl\_ca/server.crt"    #证书需要事先准备好
SSLCertificateKeyFile "$Apache\_path/conf/ssl\_ca/server.key"

配置具体的访问配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
vim $Apache_path/conf/httpd-vhosts.conf
NameVirtualHost *:443
#(此处原本是80端口,使用SSL需修改成443,或者在http.conf内添加一下内容,使用时将注释"#"去掉)
##NameVirtualHost *:443
#Listen 443
#    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/var/www/test"
    ServerName www.test.com
    ServerAlias *.test.com
    ErrorLog "$ErrorLog_Path"
    CustomLog "$AccessLog_Path" common
            Options Indexes FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
        ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot "/var/www/test"
    ServerName www.test.com:443
    #ServerAlias www.dummy-host.example.com
    SSLEngine on
    SSLCertificateFile "/data/apache2/conf/ssl_ca/server.crt"
    SSLCertificateKeyFile "/data/apache2/conf/ssl_ca/server.key"
    ErrorLog "$ErrorLog_Path"
    CustomLog "$AccessLog_Path" common
            Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all