Nainstalování ssl https serveru Apache na CentOS
Nainstaluj ssl mod do apache:
yum install mod_ssl opensslGeneruj a self-signed certifikát
# Generuj privatni key openssl genrsa -out ca.key 1024#Generuj CSR openssl req -new -key ca.key -out ca.csr #Generuj Self Signed Key openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt # Presun soubory do spravne lokace mv ca.crt /etc/pki/tls/certs mv ca.key /etc/pki/tls/private/ca.key mv ca.csr /etc/pki/tls/private/ca.csrUprav konfigurační soubor apache ssl:
vi +/SSLCertificateFile /etc/httpd/conf.d/ssl.confZmen cesty na spravne.
SSLCertificateFile /etc/pki/tls/certs/ca.crtThen set the correct path for the Certificate Key File a few lines below. If you've followed the instructions above it is:
SSLCertificateKeyFile /etc/pki/tls/private/ca.keyQuit (Save a Exit vw vi je: :wq)
a pak restartuj apache:
service httpd restart
/etc/init.d/httpd restart3. Nastav virtual hosty
priklad:<VirtualHost *:80> <Directory /var/www/vhosts/yoursite.com/httpdocs> AllowOverride All </Directory> DocumentRoot /var/www/vhosts/yoursite.com/httpdocs ServerName yoursite.com </VirtualHost>NameVirtualHost *:443 <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key <Directory /var/www/vhosts/yoursite.com/httpsdocs> AllowOverride All </Directory> DocumentRoot /var/www/vhosts/yoursite.com/httpsdocs ServerName yoursite.com </VirtualHost>Restartuj Apache:
/etc/init.d/httpd restart
4. Konfiguruj firewall
iptables -A INPUT -p tcp --dport 443 -j ACCEPT /sbin/service iptables save iptables -L -vZ
Trackbacks for this post