CentOS OpenSSL 安装配置.doc
文本预览下载声明
CentOS下Apache 2.2+OpenSSL 0.9安装配置
系统版本:CentOS release 5.5 (Final)
软件: httpd-2.2.22.tar.gz ,openssl-0.9.8e.tar.gz
1.首先用ssh上传到centos虚拟机器中
[root@cacti ~]# tar -zxvf httpd-2.2.22.tar.gz
[root@cacti ~]# tar -zxvf openssl-0.9.8e.tar.gz
2.首先安装openssl
[root@cacti openssl-0.9.8e]# ./config --prefix=/usr/local/ssl //配置路径为/usr/local/ssl目录下
[root@cacti openssl-0.9.8e]# makemake install//安装openssl
3.安装apache2.2
[root@cacti httpd-2.2.22]#./configure --prefix=/usr/local/apache --enable-so --enable-ssl --with-ssl=/usr/local/ssl //如果需要加别的参数也是可以的可以用./configure --help查看其它参数。
[root@cacti httpd-2.2.22]#makemake install//安装apache
4.[root@cacti ~]# cd /usr/local/apache/conf/
[root@cacti ~]#vi httpd.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf//把这个井号去掉,默认路径也可以修改
5.[root@cacti extra]# cd extra进入extra目录找到httpd.ssl.conf
[root@cacti extra]# cp httpd.ssl.conf httpd.ssl.conf.backup//备份一份
[root@cacti extra]# cat httpd.ssl.conf|grep -v # httpd.ssl.conf//把井号去掉便于查找。
[root@cacti extra]# vi httpd.ssl.conf//打开httpd.ssl.conf文件。
DocumentRoot /usr/local/apache/htdocs
ServerName :443
ServerAdmin you@
ErrorLog /usr/local/apache/logs/error_log
TransferLog /usr/local/apache/logs/access_log
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile /usr/local/apache/conf/server.cert//这里可以修改默认路径和后缀名。
SSLCertificateKeyFile /usr/local/apache/conf/server.key
6.[root@cacti conf]#cd /usr/local/apache/conf//进入conf路径生成密匙
[root@cacti conf]#openssl genrsa -des3 -out server.key 1024//生成服务器私钥:运行openssl命令,生成1024、2048位长的私钥server.key文件。如果您需要对 server.key 添加保护密码,请使用 -des3 扩展命令。Windows环境下不支持加密格式私钥,Linux环境下使用加密格式私钥时,每次重启Apache都需要您输入该私钥密码(例:openssl genrsa -des3 -out server.key 2048)。
Generating RSA private key, 1024 bit long modulus
....................++++++
.................................++++++
e is 65537 (0x10001)
Enter pass phrase for server.key://输入密码
Verifying - Enter pass phrase for server.key:
[root@cacti conf]#openssl req -new -key server.key -
显示全部