配置https

打开ssl模块,没有这个模块就需要安装依赖包:mod_ssl,安装后就会在modules里面找到

引入ssl配置文件,增加支持ssl

Include conf/extra/httpd-ssl.conf(去掉行首的注释)

修改加密文件ssl.conf,在conf.d目录下面有ssl.conf配置文件,我们需要在里面配置一个VirtualHost和配置证书和密钥

LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLMutex defaultSSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL

<VirtualHost _default_:443>     # 必须有一个虚拟主机,这样才可以使用跳转功能和使用443端口访问
DocumentRoot "/home/store/webroot"
Servername https://xxx.com/
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine onSSLCertificateFile /etc/httpd/conf/cert/xxx.com.crt #证书位置
SSLCertificateKeyFile /etc/httpd/conf/cert/xxx.com.key #证书Key位置
</VirtualHost>

http重定向https

RewriteEngine onRewriteCond %{SERVER_PORT} !^443$RewriteRule ^/?(.*)$ https://%{SERVER_NAME}/$1 [L,R]
Last modification:September 7th, 2021 at 02:30 pm
© 允许规范转载
如果觉得我的文章对你有用,请随意赞赏