Web Https 服务配置 (基于Apache httpd)

Web Https 服务配置 (基于Apache httpd)

SSL 证书申请

证书选择阿里云提供的云盾证书服务,阿里云提供了一个免费DV SSL 服务

Apache 证书安装

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
参考一:https://help.aliyun.com/knowledge_detail/95493.html

[root@alex httpd]# diff /etc/httpd/conf/httpd.conf_bak /etc/httpd/conf/httpd.conf
95c95
< #ServerName www.example.com:80
---
> ServerName pcliu.site:80
353a354,357
>
> RewriteEngine on
> RewriteCond %{HTTPS} !=on
> RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [L,R]
[root@alex httpd]#
[root@alex httpd]# diff /etc/httpd/conf.d/ssl.conf_back /etc/httpd/conf.d/ssl.conf
56c56
< <VirtualHost _default_:443>
---
> <VirtualHost *:443>
59,60c59,60
< #DocumentRoot "/var/www/html"
< #ServerName www.example.com:443
---
> DocumentRoot "/var/www/html"
> ServerName pcliu.site:443
100c100
< SSLCertificateFile /etc/pki/tls/certs/localhost.crt
---
> SSLCertificateFile /etc/pki/tls/certs/pcliu.site_public.crt
107c107
< SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
---
> SSLCertificateKeyFile /etc/pki/tls/private/pcliu.site.key
116c116
< #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
---
> SSLCertificateChainFile /etc/pki/tls/certs/pcliu.site_chain.crt