In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-03 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
I hope it will be helpful for you to answer the doubt of "how to configure Apache based on encryption authentication https encryption certificate access under Centos6.3"! Next, please follow the editor to study!
1.DNS resolution:
[root@localhost html] # nslookup www.downcc.com
Server: 192.168.2.115
Address: 192.168.2.115#53
Name: www.downcc.com
Address: 192.168.2.115
two。 Install Apache SSL support module: # yum install-y mod_ssl (default yum installation httpd is not installed, automatically produce / etc/httpd/conf.d/ssl.conf file after installation) and generate certificate.
[root@localhost certs] # pwd
/ etc/pki/tls/certs
[root@localhost certs] # ls
Ca-bundle.crt index.html localhost.crt Makefile
Ca-bundle.trust.crt localhost1.crt make-dummy-cert
[root@localhost certs] # openssl req-utf8-new-key.. / private/localhost.key-x509-days 3650-out abc_com.crt
You are about to be asked to enter information that will be incorporated
Into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value
If you enter'., the field will be left blank.
-
Country Name (2 letter code) [XX]: CN
State or Province Name (full name) []: 510510
Locality Name (eg, city) [Default City]: GZ
Organization Name (eg, company) [Default Company Ltd]: ABC.COM
Organizational Unit Name (eg, section) []: Mr.Zhang
Common Name (eg, your name or your server's hostname) []: www.downcc.com
Email Address []: root@abc.com
[root@localhost certs] #
3. Configure Apache, the basic configuration is not said here, the following is the configuration of www.downcc.com site http access.
[root@localhost html] # tail-n 8 / etc/httpd/conf/httpd.conf
NameVirtualhost 192.168.2.115:80
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot / var/www/html
ServerName www.downcc.com
ErrorLog logs/dummy-host.example.com-error_log
CustomLog logs/dummy-host.example.com-access_log common
[root@localhost html] # tail / var/www/html/index.html
Www.downcc.com
[root@localhost html] #
4. Configure Apache to support https access to www.downcc.com sites, edit vim / etc/httpd/conf.d/ssl.conf files, and formulate information related to https access to www.downcc.com sites. Add the following configuration.
DocumentRoot "/ var/www/html/www.kuteatest.net" # / / in order to show the effect, the site directory here is different. In general, a domain name should point to the same directory.
ServerName www.downcc.com:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all-SSLv2
SSLCipherSuite all, "ADH," export, "SSLv2," RC4, "RSAV,"HIGH,"Medu,"low."
SSLCertificateFile / etc/pki/tls/certs/abc_com.crt
SSLCertificateKeyFile / etc/pki/tls/private/localhost.key
SSLOptions + StdEnvVars
SSLOptions + StdEnvVars
SetEnvIf User-Agent ". * MSIE.*"\
Nokeepalive ssl-unclean-shutdown\
Downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log\
"t% h% {SSL_PROTOCOL} x% {SSL_CIPHER} x\" r\ "% b"
5. Restart the Apache service and test the access.
Test the results of http access
Test the results of https access
View certificate information is consistent with self-built crt information
Final result of https visit
At this point, on the "Centos6.3 Apache how to configure encryption-based authentication https encryption certificate access" on the end of the study, I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.