Shulou(Shulou.com)06/01 Report--

This article is to share with you about the SSL certificate installation guidelines, the editor feels very practical, so share with you to learn, I hope you can learn something after reading this article, do not say much, follow the editor to have a look.

Installation guidelines for SSL certificates

1. Nginx certificate deployment

2. Apache 2.x certificate deployment

3. IIS certificate deployment

Examples of three types of server certificate installation methods, Nginx, Apache, and IIS, are provided below:

1. Nginx Certificate deployment 1.1 to obtain certificates

Download the www.domain.com.zip file and decompress it to get

The configuration file parameter indicates that the listen 443SSL access port number is 443ssl on enable SSL function ssl_certificate certificate file ssl_certificate_key private key file 2. Apache 2.x certificate deployment 2.1 obtain certificate

Download the www.domain.com.zip file, decompress the SSL certificate file 1_www.domain.com_cert.crt and private key file 2_www.domain.com.key

The 1_www.domain.com_cert.crt file contains two certificate codes "--BEGIN CERTIFICATE--" and "--END CERTIFICATE--"

The 2_www.domain.com.key file contains a private key code "--BEGIN RSA PRIVATE KEY--" and "--END RSA PRIVATE KEY--".

Save the first piece of 1_domain.com_cert.crt code as a crt format file domain.crt, and paste the second section into a text saved as a crt format file ca.crt.

(if it is a three-stage cross-certificate, save the second and third paragraphs as ca.crt)

2.2 Certificate installation

Edit the conf/httpd.conf file under the Apache root directory

Find # LoadModule ssl_module modules/mod_ssl.so and # Include conf/extra/httpd-ssl.conf and remove the previous # comment

Edit the conf/extra/httpd-ssl.conf file under the Apache root directory and modify the following:

DocumentRoot "/ var/www/html" ServerName www.domain.com SSLEngine on SSLCertificateFile / usr/local/apache/conf/domain.crt SSLCertificateKeyFile / usr/local/apache/conf/2_domain.com.key SSLCertificateChainFile / usr/local/apache/conf/ca.crt

After the configuration is complete, restart Apache and you can use https://www.domain.com to access it.

Note:

Configuration file parameter indicates that SSLEngine on enables SSL function SSLCertificateFile certificate file SSLCertificateKeyFile private key file SSLCertificateChainFile certificate chain file 3. IIS certificate deployment 3.1 get certificate

Download the www.domain.com.zip file, decompress the SSL certificate file 1_www.domain.com_cert.crt and private key file 2_www.domain.com.key

The 1_www.domain.com_cert.crt file contains two certificate codes "--BEGIN CERTIFICATE--" and "--END CERTIFICATE--"

The 2_www.domain.com.key file contains a private key code "--BEGIN RSA PRIVATE KEY--" and "--END RSA PRIVATE KEY--".

You need to install the OpenSSL tool to generate a certificate file in pfx format through the following command:

Openssl pkcs12-export-out www.domain.com.pfx-inkey 2_www.domain.com.key-in 1_www.domain.com_cert.crt

Get the www.domain.com.pfx certificate file.

3.2 Certificate installation

1. Open the IIS Service Manager, click the computer name, and double-click 'Server Certificate'

2. After double-clicking to open the server certificate, click Import on the right

3. Select the certificate file. If you enter the private key password when you apply for the certificate, you need to enter the password, click OK.

4. Click the site name under the website, and click bind on the right.

5. After opening the website binding interface, click add

6. Add website binding content: select the type https, port 443 and the corresponding SSL certificate specified, and click OK

7. After the addition is completed, the binding interface of the website will see the content just added.

The above is what the SSL certificate installation guidelines are, and the editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.