Apache 搭建HTTPS Virtual Host

分享一下我老师大神的人工智能教程！零基础，通俗易懂！http://blog.csdn.net/jiangjunshow

也欢迎大家转载本篇文章。分享知识，造福人民，实现我们中华民族伟大复兴！

               

Apache 搭建HTTPS Virtual Host

1.创建SSL证书

首先需要安装openssl，linux系统默认已安装，如没有则用以下命令安装：

sudo apt-get install opensslsudo apt-get install libssl-dev

创建证书：

cd /etc/ssl/privatesudo openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crt

参数说明：

-x509 显示证书和签名工具

-days 证书的有效期

-sha1 证书加密算法

-newkey rsa:1024 创建一个新key,1024表示公钥长度为1024bits

命令执行完会创建demo.key与demo.crt

更多参数说明可以参考：http://www.openssl.org/docs/apps/openssl.html

创建步骤：

root@ubuntu:/etc/ssl/private# sudo openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout demo.key -out demo.crtGenerating a 1024 bit RSA private key.......++++++...........++++++writing new private key to 'demo.key'-----You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [AU]:CNState or Province Name (full name) [Some-State]:GDLocality Name (eg, city) []:GZOrganization Name (eg, company) [Internet Widgits Pty Ltd]:fdipzone.LtdOrganizational Unit Name (eg, section) []:test         Common Name (eg, YOUR name) []:demo.fdipzone.comEmail Address []:[email protected]@ubuntu:/etc/ssl/private# 

需要填写的项目：

Country Name (2 letter code) [AU]: 国家
State or Province Name (full name) [Some-State]:省份
Locality Name (eg, city) []:城市
Organization Name (eg, company) [Internet Widgits Pty Ltd]:公司名称
Organizational Unit Name (eg, section) []: 组织单位名称  
Common Name (eg, YOUR name) []: 填写域名
Email Address []:电邮地址

2.创建Virtual Host

<VirtualHost *:443>    DocumentRoot /home/fdipzone/demo    ServerName demo.fdipzone.com    <Directory "/home/fdipzone/demo">    allow from all    AllowOverride all    Options -Indexes FollowSymLinks    </Directory>    SSLEngine on    SSLCertificateFile /etc/ssl/private/demo.crt    SSLCertificateKeyFile /etc/ssl/private/demo.key    SSLCipherSuite AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5    SSLHonorCipherOrder on</VirtualHost>

开启SSL Engine及设置使用的证书，端口443
SSLEngine on
SSLCertificateFile /etc/ssl/private/demo.crt           
SSLCertificateKeyFile /etc/ssl/private/demo.key

           

给我老师的人工智能教程打call！http://blog.csdn.net/jiangjunshow