一、准备工作
1.1 安装Apache服务器
yum install httpd -y
1.2 Apache服务器上已经开启了443端口
443为HTTPS服务的默认端口
1.3 Apache服务器上已安装了mod_ssl.so模块
启用SSL功能,安装mod_ssl.so模块
yum install -y mod_ssl
1.4 获取SSL证书
使用Certbot签发和续费泛域名SSL证书:https://blog.csdn.net/cljdsc/article/details/133461361文章来源:https://www.toymoban.com/news/detail-772125.html
二、配置apache
2.1 配置apache文件
vhost的域名配置文件.conf,在目录:/etc/httpd/conf.d文章来源地址https://www.toymoban.com/news/detail-772125.html
- HTTP配置:
Listen 80
# 指定域名
ServerName www.example.com
# 指定文档根目录
DocumentRoot /var/www/html
# 是否启用访问日志
CustomLog /var/log/httpd/access.log combined
# 指定错误日志路径
ErrorLog /var/log/httpd/error.log
# 配置虚拟主机
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/project
# 访问权限
<Directory /var/www/html/project>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
# 使用PHP解析器处理.php文件
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php-fpm/php-fpm.sock|fcgi://localhost/"
</FilesMatch>
# 定义PHP脚本的目录索引
DirectoryIndex index.php index.html
# 自定义错误页面
ErrorDocument 404 /error_404.html
# 设置HTTP头信息
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
</VirtualHost>
- HTTPS配置:
<VirtualHost *:443>
DocumentRoot /var/www/html/project
ServerName www.cpayfinance.com
ServerAlias www.cpayfinance.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/cpayfinance.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cpayfinance.com//privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/cpayfinance.com//chain.pem
# 访问权限
<Directory /var/www/html/project>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
# 使用PHP解析器处理.php文件
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php-fpm/php-fpm.sock|fcgi://localhost/"
</FilesMatch>
# 定义PHP脚本的目录索引
DirectoryIndex index.php index.html
# 自定义错误页面
ErrorDocument 404 /error_404.html
# 设置HTTP头信息
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
</VirtualHost>
- HTTP & HTTPS 配置
Listen 80
# 指定域名
ServerName www.cpayfinance.com
# 指定文档根目录
DocumentRoot /var/www/html
# 是否启用访问日志
CustomLog /var/log/httpd/access.log combined
# 指定错误日志路径
ErrorLog /var/log/httpd/error.log
# 配置虚拟主机
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/project
# 访问权限
<Directory /var/www/html/project>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
# 使用PHP解析器处理.php文件
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php-fpm/php-fpm.sock|fcgi://localhost/"
</FilesMatch>
# 定义PHP脚本的目录索引
DirectoryIndex index.php index.html
# 自定义错误页面
ErrorDocument 404 /error_404.html
# 设置HTTP头信息
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/html/project
ServerName www.cpayfinance.com
ServerAlias www.cpayfinance.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/cpayfinance.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cpayfinance.com//privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/cpayfinance.com//chain.pem
# 访问权限
<Directory /var/www/html/project>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
# 使用PHP解析器处理.php文件
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php-fpm/php-fpm.sock|fcgi://localhost/"
</FilesMatch>
# 定义PHP脚本的目录索引
DirectoryIndex index.php index.html
# 自定义错误页面
ErrorDocument 404 /error_404.html
# 设置HTTP头信息
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
</VirtualHost>
2.2 生效配置文件
- 查看配置文件是否正常
# apachectl -t
Syntax OK
- 重启apache配置
systemctl restart httpd
到了这里,关于Apache配置ssl证书-实现https访问的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!