How To Create a SSL Certificate on Apache for CentOS 6
2014-05-18 13:11
661 查看
About Self-Signed Certificates
自签证书。一个SSL证书,是加密网站的信息,并创建更安全的链接的一种方式。附加地,证书可以给网站浏览者显示VPS的的身份证明信息。如果一个SSC没有第三方证实,那么证书作者可以发行SSL证书,用以验证虚拟服务器的细节。
Step One-Install Mod SSL
为了设置自签名证书,我们先要确保Apache和Mod SSL已经在VPS上安装。你可以通过下面的命令安装他们:
Step Two-Create a New Directory
下一步,我们需要创建一个新的路径,用以存储server key和certificate.
Step Three-Create a Self Signed Certificate
当我们请求一个新证书,我们可以通过改变365为任何我们乐意的数字,来指定证书的有效期。
标准的证书,会在一年后过期。
通过该命令,我们重建了自签名SSL certificate,和保护它的server key,并把他们都放在该新路径里。
该命令会要求输入一些信息。
最重要的是Common Name这一行,在这儿填入你的官方域名。如果你还没有,你可以写网站的IP地址。
Step Four-Set Up the Certificate
现在,所有必要的部分已经完成。下一步,要设置虚拟主机,来显示新的certificate.
打开SSL config 文件
找到<VirtualHost _default_443>,做一些快速改变。
取消DocumentRoot和ServerName行的备注,用你DNS可以抵达的域名或服务器IP地址,替换example.com。(它应该和certificate上的common name一样):
找到下面的三行,确保他们和下面的表达式匹配:
你的虚拟主机现在全都设置好了。保存并退出文件。
Step Five-Restart Apache
你已经做完。重启Apache server,会重载你修改过配置。
自签证书。一个SSL证书,是加密网站的信息,并创建更安全的链接的一种方式。附加地,证书可以给网站浏览者显示VPS的的身份证明信息。如果一个SSC没有第三方证实,那么证书作者可以发行SSL证书,用以验证虚拟服务器的细节。
Step One-Install Mod SSL
为了设置自签名证书,我们先要确保Apache和Mod SSL已经在VPS上安装。你可以通过下面的命令安装他们:
yum install mod_ssl
Step Two-Create a New Directory
下一步,我们需要创建一个新的路径,用以存储server key和certificate.
mkdir /etc/httpd/ssl
Step Three-Create a Self Signed Certificate
当我们请求一个新证书,我们可以通过改变365为任何我们乐意的数字,来指定证书的有效期。
标准的证书,会在一年后过期。
openssl req -x509 -nodes -days 365 -newkey rsa:2048
-keyout /etc/httpd/ssl/apache.key
-out /etc/httpd/ssl/apache.crt
通过该命令,我们重建了自签名SSL certificate,和保护它的server key,并把他们都放在该新路径里。
该命令会要求输入一些信息。
最重要的是Common Name这一行,在这儿填入你的官方域名。如果你还没有,你可以写网站的IP地址。
You are about to be asked to enter information that will be
incorporated into your certificate request. What you are about to enter is what is called a Distinguished
Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:New York Locality Name (eg, city) []:NYC Organization Name (eg, company) [Internet Widgits Pty Ltd]:Awesome Inc Organizational Unit Name (eg, section) []:Dept of Merriment Common Name (e.g. server FQDN or YOUR name) []:example.com Email Address []:webmaster@awesomeinc.com
Step Four-Set Up the Certificate
现在,所有必要的部分已经完成。下一步,要设置虚拟主机,来显示新的certificate.
打开SSL config 文件
vi /etc/httpd/conf.d/ssl.conf
找到<VirtualHost _default_443>,做一些快速改变。
取消DocumentRoot和ServerName行的备注,用你DNS可以抵达的域名或服务器IP地址,替换example.com。(它应该和certificate上的common name一样):
ServerName example.com:443
找到下面的三行,确保他们和下面的表达式匹配:
SSLEngine on SSLCertificateFile /etc/httpd/ssl/apache.crt SSLCertificateKeyFile /etc/httpd/ssl/apache.key
你的虚拟主机现在全都设置好了。保存并退出文件。
Step Five-Restart Apache
你已经做完。重启Apache server,会重载你修改过配置。
/etc/init.d/httpd restart在你的浏览器,键入https://youraddress,会显示该新certificate。
相关文章推荐
- How To Create a SSL Certificate on Apache for Debian 8 htttps
- How To Create a SSL Certificate on Apache for Debian 7 |htttps
- How To Create a SSL Certificate on Apache for Ubuntu 14.04
- 转自 https://www.digitalocean.com/community/articles/how-to-create-a-ssl-certificate-on-nginx-for-cent
- how to create an ssl certificate on nginx for ubuntu14.04
- How To Set Up Apache with a Free Signed SSL Certificate on a VPS
- How to Install Linux, Apache, MySQL, PHP (LAMP) stack on CentOS 6 【Reliable】
- How to install Apache, PHP 7.1 and MySQL on CentOS 7.3 (LAMP)
- [已解决]在VMware-server for linux 下装centos错误:an error has occurred. - no valid devices were found on which to create new file system
- How to install HipHop for PHP on CentOS 5.x
- How To Set Up Apache Virtual Hosts on CentOS 6
- How to Create a High Availability Setup with Pacemaker, Corosync and Floating IPs on CentOS 7
- How To Setup a Rails 4 App With Apache and Passenger on CentOS 6
- Https SSL Knowledge & how to get a self-signed certificate on ubuntu.
- How To Setup Apache Hadoop On CentOS
- How to Install Apache CouchDB on CentOS 6 (from Source and EPEL)
- Https SSL Knowledge & how to get a self-signed certificate on ubuntu.
- How to Install Apache OpenOffice on RHEL/CentOS
- How to create a self-signed SSL Certificate
- How to Install LAMP (Apache 2.4, MySQL 5.6, and PHP 5.4) on CentOS/RHEL 7