1. Download Apache
#cd ~
#wget http://www.eng.lsu.edu/mirrors/apache//httpd/httpd-2.2.17.tar.gz
#tar xvfz httpd-2.2.17.tar.gz
install by yum:
[root@localhost ~]# yum install httpd
install by yum:
[root@localhost ~]# yum install httpd
2. Install Apache with SSL/TLS
#cd httpd-2.2.17
#./configure --help
--------------------------------------
#./configure --enable-ssl --enable-so
#make
#make install
3. Enable SSL in httpd.conf
# vi /usr/local/apache2/conf/httpd.conf
adding this text:
-----------------
Include conf/extra/httpd-ssl.conf
-----------------
vi /usr/local/apache2/conf/extra/httpd-ssl.conf
# egrep 'server.crt|server.key' httpd-ssl.conf
SSLCertificateFile "/usr/local/apache2/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
4. Create server.crt and server.key file
#cd ~
Making a private key:
#openssl genrsa -des3 -out server.key 1024
Next, generate a certificate request file (server.csr) using the above server.key file.
#openssl req -new -key server.key -out server.csr
Finally, generate a self signed ssl certificate (server.crt) using the above server.key and server.csr file
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
5. Copy the server.key and server.crt
cd ~
cp server.key /usr/local/apache2/conf/
cp server.crt /usr/local/apache2/conf/
6. Start the apache and verify SSL
/usr/local/apache2/bin/apachectl start
Apache/2.2.17 mod_ssl/2.2.17 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server www.example.com:443 (RSA)
Enter pass phrase:
OK: Pass Phrase Dialog successful.
------------------------------
can't see option to declare SSL Engine ON
Không có nhận xét nào:
Đăng nhận xét