注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

phperwuhan的博客

记载一个phper的历程!phperwuhan.blog.163.com

 
 
 

日志

 
 

Configure Apache22 SSL in FreeBSD  

2011-01-28 14:10:45|  分类: apache |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
来源:http://www.freebsdonline.com/content/view/606/506/
This tutorial is about configuring Apache 22 SSL in FreeBSD

Step 1. Compile and install Apache
-----------------------------------------------

cd /usr/ports/www/apache22
make install clean


Step 2. Add the following lines to /etc/rc.conf
-------------------------------------------------------------
apache22_enable="YES"
apache22_flags="-DSSL"


Step 3. Create dirs to store Apache SSL keys
--------------------------------------------------------------
mkdir /usr/local/etc/apache22/ssl.key
mkdir /usr/local/etc/apache22/ssl.crt

chmod 0700 /usr/local/etc/apache22/ssl.key
chmod 0700 /usr/local/etc/apache22/ssl.crt


Step 4. Create certificates
-----------------------------------
# create certificate
cd /root
openssl genrsa -des3 -out server.key 1024

# create a Certificate Signing Request (CSR)
openssl req -new -key server.key -out server.csr

# self sign the certificate
openssl x509 -req -days 730 -in /root/server.csr -signkey /root/server.key -out /root/server.crt


Step 5. Copy certificate files to apache config directory
---------------------------------------------------------------------------
cp /root/server.key /usr/local/etc/apache22/ssl.key/
cp /root/server.crt /usr/local/etc/apache22/ssl.crt/


Step 6. Set proper permision for certificate files
------------------------------------------------------------------
chmod 0400 /usr/local/etc/apache22/ssl.key/server.key
chmod 0400 /usr/local/etc/apache22/ssl.crt/server.crt


Step 7. Add certificate to your Apache config
-------------------------------------------------------------
Add the following lines to your VirtualHost section in httpd.conf:

     SSLEngine on
     SSLCertificateFile /usr/local/etc/apache22/ssl.crt/server.crt
     SSLCertificateKeyFile /usr/local/etc/apache22/ssl.key/server.key


Step 8. Remove SSL Password
------------------------------------------
Remove SSL Password from certificate, otherwise you will have to
input password every time you start Apache.

cd /usr/local/etc/apache22/ssl.key
cp server.key server.key.orig
openssl rsa -in server.key.orig -out server.key


Step 9. Allow access to Directory where your files are located
------------------------------------------------------------------------------------
Place the following lines to /usr/local/etc/apache22/httpd.conf file

order allow,deny
allow from all

in between your <Directory "/your_path_to_http_files">     </Directory> tags.
  评论这张
 
阅读(449)| 评论(0)
推荐 转载

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2017