分享一下我老师大神的人工智能教程!零基础,通俗易懂!http://blog.csdn.net/jiangjunshow
也欢迎大家转载本篇文章。分享知识,造福人民,实现我们中华民族伟大复兴!
Apache 搭建HTTPS Virtual Host
1.创建SSL证书
首先需要安装openssl,linux系统默认已安装,如没有则用以下命令安装:
sudo apt-get install opensslsudo apt-get install libssl-dev
创建证书:
cd /etc/ssl/privatesudo openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crt
参数说明:
-x509 显示证书和签名工具
-days 证书的有效期
-sha1 证书加密算法
-newkey rsa:1024 创建一个新key,1024表示公钥长度为1024bits
命令执行完会创建demo.key与demo.crt
更多参数说明可以参考:http://www.openssl.org/docs/apps/openssl.html
创建步骤:
root@ubuntu:/etc/ssl/private# sudo openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crtGenerating a 1024 bit RSA private key.......++++++...........++++++writing new private key to 'demo.key'-----You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [AU]:CNState or Province Name (full name) [Some-State]:GDLocality Name (eg, city) []:GZOrganization Name (eg, company) [Internet Widgits Pty Ltd]:fdipzone.LtdOrganizational Unit Name (eg, section) []:test Common Name (eg, YOUR name) []:demo.fdipzone.comEmail Address []:[email protected]@ubuntu:/etc/ssl/private#
需要填写的项目:
Country Name (2 letter code) [AU]: 国家
State or Province Name (full name) [Some-State]:省份
Locality Name (eg, city) []:城市
Organization Name (eg, company) [Internet Widgits Pty Ltd]:公司名称
Organizational Unit Name (eg, section) []: 组织单位名称
Common Name (eg, YOUR name) []: 填写域名
Email Address []:电邮地址
2.创建Virtual Host
<VirtualHost *:443> DocumentRoot /home/fdipzone/demo ServerName demo.fdipzone.com <Directory "/home/fdipzone/demo"> allow from all AllowOverride all Options -Indexes FollowSymLinks </Directory> SSLEngine on SSLCertificateFile /etc/ssl/private/demo.crt SSLCertificateKeyFile /etc/ssl/private/demo.key SSLCipherSuite AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5 SSLHonorCipherOrder on</VirtualHost>
开启SSL Engine及设置使用的证书,端口443
SSLEngine on
SSLCertificateFile /etc/ssl/private/demo.crt
SSLCertificateKeyFile /etc/ssl/private/demo.key