星期四, 12月 22, 2011

轉:Setting up an SSL secured Webserver with CentOS

在apache裡建https就這麼簡單...
  1. Getting the required software
    yum install mod_ssl openssl
  2. Generate a self-signed certificate
    # Generate private key 
    openssl genrsa -out ca.key 1024 
    
    # Generate CSR 
    openssl req -new -key ca.key -out ca.csr
    
    # Generate Self Signed Key
    openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
    
    # Copy the files to the correct locations
    cp ca.crt /etc/pki/tls/certs
    cp ca.key /etc/pki/tls/private/ca.key
    cp ca.csr /etc/pki/tls/private/ca.csr
  3. Setting up the virtual hosts
    #vim /etc/httpd/conf.d/ssl.conf
    -----------------------------
    #將<virtualhost>裡的內容修改為以下...
    <virtualhost *:443>
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/ca.crt
        SSLCertificateKeyFile /etc/pki/tls/private/ca.key
        <Directory /var/www/vhosts/yoursite.com/httpsdocs>
            AllowOverride All
        </Directory>
        DocumentRoot /var/www/vhosts/yoursite.com/httpsdocs
        ServerName yoursite.com
    </VirtualHost>
  4. Configuring the firewall
    yum install mod_ssl openssl

Reference

沒有留言: