當前位置：首頁 > 编程资源 > 编程问答 >内容正文

编程问答

rhel5.5_Apache配置openssl支持https服务

發布時間：2025/3/18 编程问答 31 豆豆

生活随笔收集整理的這篇文章主要介紹了 rhel5.5_Apache配置openssl支持https服务小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

《rhel5.5_Apache配置openssl支持https服務》

1：切換到openssl證書目錄：
# cd /etc/pki/tls/certs

2：創建私鑰：
# make server.key
umask 77 ; ＼
??? /usr/bin/openssl genrsa -des3 1024 > server.key
Generating RSA private key, 1024 bit long modulus
.++++++
...++++++
e is 65537 (0x10001)
Enter pass phrase:? 123456
Verifying - Enter pass phrase:? 123456

3：重寫私鑰，清除密碼，讓httpd啟動時不必輸入密碼
# openssl rsa -in server.key -out server.key
Enter pass phrase for server.key: 123456
writing RSA key

4：證書簽發請求(Certificate Signing Request) (CSR)
# make server.csr
umask 77 ; ＼
??? /usr/bin/openssl req -utf8 -new -key server.key -out server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ’.’, the field will be left blank.
-----
Country Name (2 letter code) [GB]:cn
State or Province Name (full name) [Berkshire]:fujian
Locality Name (eg, city) [Newbury]:xiamen
Organization Name (eg, company) [My Company Ltd]:xmu
Organizational Unit Name (eg, section) []:eda
Common Name (eg, your name or your server’s hostname) []:192.168.1.105???? (注: 此處應與httpd.conf中的ServerName一致, 否則提示證書錯誤)
Email Address []:clough@eda.com
Please enter the following ’extra’ attributes
to be sent with your certificate request
A challenge password []:cliff
An optional company name []:xmu

5：給自己創建CA并簽名
# openssl x509 -in server.csr -req -signkey server.key -days 365 -out server.crt
Signature ok
subject=/C=cn/ST=fujian/L=xiamen/O=lexie/OU=lexie/CN=192.168.1.105/emailAddress=clough@sohu.com
Getting Private key

6：調整/etc/httpd/conf.d/ssl.conf正確引用上面創建的證書。
# vi /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/certs/server.key

7: 啟動服務
# service httpd restart

8: 如此尚不能同時支持http和https, 待補充.

總結

以上是生活随笔為你收集整理的rhel5.5_Apache配置openssl支持https服务的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。

上一篇： rhel5.5安装vsftpd并配置虚拟
下一篇： virtualbox4 剪贴板(共享粘贴