1. Free certificate application
https://help.aliyun.com/zh/ssl-certificate/user-guide/overview-of-free-certificates
get
3. Configuration
Execute the following command to open the default-ssl.conf file.
vim /etc/apache2/sites-available/default-ssl.conf
In the default-ssl.conf configuration file, locate the following parameters and modify them according to the Chinese comments.
DocumentRoot /var/www/html #替换为网站的代码入口地址,比如我的是/var/www/html/mmm/public
ServerName example.com #请将example.com替换为您证书绑定的域名。部分服务器,没有该配置参数,您需要手动添加。
SSLCertificateFile /etc/apache2/ssl/domain_name_public.crt #证书文件路径。请替换为实际证书文件路径。
SSLCertificateKeyFile /etc/apache2/ssl/domain_name.key #证书私钥文件路径。请替换为实际证书私钥文件路径。
SSLCertificateChainFile /etc/apache2/ssl/domain_name_chain.crt #证书链文件路径。请替换为实际证书链文件路径。
-
Execute the following command to create an ssl directory for storing certificates in the Apache2 installation directory.
mkdir /etc/apache2/ssl
-
Upload the certificate file and private key file to the Apache2 certificate directory (
/etc/apache2/ssl
). -
Execute the following command to enable the SSL module
sudo a2enmod ssl
-
/sites-available
The directory stores available virtual hosts. -
/sites-enabled
The directory stores enabled virtual hosts. -
After the SSL module is enabled, the SSL certificate configuration file default-ssl.conf will be generated in the
/etc/apache2/sites-available
directory.
-
-
Edit the default-ssl.conf file and modify the certificate-related configuration.
-
Execute the following command to map default-ssl.conf to the
/etc/apache2/sites-enabled
directory to achieve automatic association between the two.sudo ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/001-ssl.conf
-
Execute the following command to reload the Apache2 configuration file.
sudo /etc/init.d/apache2 force-reload
-
Execute the following command to restart the Apache2 service.
sudo /etc/init.d/apache2 restart
Verify that the SSL certificate is installed successfully
After the certificate is installed, you can verify whether the certificate was successfully installed by accessing the domain name bound to the certificate.
https://yourdomain #需要将yourdomain替换成证书绑定的域名。
If a small lock sign appears in the address bar of the web page, it means that the certificate has been successfully installed.
Reference: https://help.aliyun.com/zh/ssl-certificate/user-guide/install-ssl-certificates-on-apache-2-servers-that-run-ubuntu
Software engineering student Xiao Shi