« 用 Spreadsheet::ParseExcel 处理中文 excel 文件 | Main | 网络通知: 国际光缆坏了 »
December 25, 2006
为 apache 添加 SSL 支持
|
版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本声明。 https://windtear.net/archives/2006/12/25/001174.html http://windtear.net/archives/2006/12/25/001174.html 为 apache 添加 SSL 支持 apache 编译选项增加 --enable-ssl (可选) 修改 openssl.cnf 减少后面制作做成中的输入 /usr/share/ssl/openssl.cnf 制作证书 (原来写过一次 apache 服务器的 CA 证书) openssl req -new -x509 -nodes -days 3650 -out server.crt -keyout server.key openssl req -new -key server.key -out server.csr openssl req -new -key server.key -x509 -days 3650 -out server.crt 修改 httpd.conf LoadModule ssl_module modules/mod_ssl.so AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLRandomSeed startup builtin SSLRandomSeed connect builtin Listen 443 SSLPassPhraseDialog builtin SSLSessionCache dbm:/data/apache/logs/ssl_scache SSLSessionCacheTimeout 300 SSLMutex file:/data/apache/logs/ssl_mutex <VirtualHost _default_:443> SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile conf/server.crt SSLCertificateKeyFile conf/server.key ServerAdmin windtear@ipcn.org DocumentRoot /var/www/ipcn.org/replace ServerName replace.withyourdomain.com DirectoryIndex index.php index.htm index.html ErrorLog logs/replace.withyourdomain.com-error_log CustomLog logs/replace.withyourdomain.com-access_log combined CustomLog /data/apache/logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> 为了把原来的请求都无缝迁移到 https 版本 可以启用 rewrite LoadModule rewrite_module modules/mod_rewrite.so RewriteEngine on RewriteRule ^/$ https://replace.withyourdomain.com/ [NC,R=301,L] RewriteRule ^/(.+)$ https://replace.withyourdomain.com/$1 [NC,R=301,L] |
Posted by windtear at December 25, 2006 11:57 PM
