原文地址:
https://www.digicert.com/ssl-certificate-installation-apache.htm
SSL Certificate Installation in Apache
1. Copy the Certificate files to your server.
Download your Intermediate (DigiCertCA.crt) and Primary Certificate (your_domain_name.crt) files from your Customer Area, then copy them to the directory on your server where you will keep your certificate and key files. Make them readable by root only.
2. Find the Apache config file to edit.
The location and name of the config file can vary from server to server - especially if you use a special interface to manage your server configuration.
Apache's main configuration file is typically named httpd.conf or apache2.conf. Possible locations for this file include /etc/httpd/ or /etc/apache2/. For a comprehensive listing of default installation layouts for Apache HTTPD on various operating systems and distributions, see Httpd Wiki - DistrosDefaultLayout.
Often, the SSL Certificate configuration is located in a <VirtualHost> block in a different configuration file. The configuration files may be under a directory like /etc/httpd/vhosts.d/, /etc/httpd/sites/, or in a file called httpd-ssl.conf.
One way to locate the SSL Configuration on Linux distributions is to search using grep, as shown in the example below.
Type the following command:
grep -i -r "SSLCertificateFile" /etc/httpd/
Where "/etc/httpd/" is the base directory for your Apache installation.
3. Identify the SSL <VirtualHost> block to configure.
If you need your site to be accessible through both secure (https) and non-secure (http) connections, you will need a virtual host for each type of connection. Make a copy of the existing non-secure virtual host and configure it for SSL as described in step 4.
If you only need your site to be accessed securely, configure the existing virtual host for SSL as described in step 4.
4. Configure the <VirtualHost> block for the SSL-enabled site.
Below is a very simple example of a virtual host configured for SSL. The parts listed in bold are the parts that must be added for SSL configuration:
<VirtualHost 192.168.0.1:443>
DocumentRoot /var/www/html2
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>
Adjust the file names to match your certificate files:
- SSLCertificateFile should be your DigiCert certificate file (eg. your_domain_name.crt).
- SSLCertificateKeyFile should be the key file generated when you created the CSR.
- SSLCertificateChainFile should be the DigiCert intermediate certificate file (DigiCertCA.crt)
If the SSLCertificateChainFile directive does not work, try using the SSLCACertificateFile directive instead.
5. Test your Apache config before restarting.
It is always best to check your Apache config files for any errors before restarting, because Apache will not start again if your config files have syntax errors. Run the following command: (it is apache2ctl on some systems)
apachectl configtest
Restart Apache.
You can use apachectl commands to stop and start Apache with SSL support:
apachectl stop
apachectl start
Note: If Apache does not start with SSL support, try using "apachectl startssl" instead of "apachectl start". If SSL support only loads with "apachectl startssl" we recommend you adjust the apache startup configuration to include SSL support in the regular "apachectl start" command. Otherwise your server may require that you manually restart Apache using "apachectl startssl" in the event of a server reboot. This usually involves removing the <IfDefine SSL> and </IfDefine> tags that enclose your SSL configuration.
分享到:
相关推荐
Apache SSL(Secure Sockets Layer)加密机制是网络服务器安全配置中的关键组成部分,它为Web通信提供了数据加密、服务器身份验证和消息完整性检查等安全保障。在本文中,我们将深入探讨Apache SSL加密机制的工作...
CentOS Apache SSL 配置 CentOS Apache SSL 配置是指在 CentOS 操作系统中配置 Apache 服务器以使用 SSL 加密连接的过程。SSL(Secure Sockets Layer)是一种加密协议,用于保护 Web 服务器和浏览器之间的通信。 ...
本文将详细介绍如何使用`create-ssl-certificate`这个基于Node.js的命令行工具来创建自签名SSL证书。 首先,`create-ssl-certificate`是一个Node.js应用程序,它简化了在本地或开发环境中生成自签名SSL证书的过程。...
【svn+apache+ssl整合】是指将Subversion(SVN)版本控制系统与Apache HTTP服务器结合,并启用SSL(Secure Sockets Layer)加密通信,以便提供安全的HTTPS访问方式。这一过程通常涉及以下步骤: 1. **环境准备**: ...
**Apache SSL证书部署指南** Apache服务器作为广泛应用的Web服务器,为网站提供了一个强大的平台来发布内容和服务。为了增强网站的安全性,确保用户数据传输过程中的隐私保护,部署SSL(Secure Socket Layer)证书...
**Apache SSL 插件:mod_ssl** Apache HTTP Server 是世界上最流行的Web服务器软件,而mod_ssl是Apache的一个核心模块,专门用于实现安全套接层(SSL)协议,为网站提供安全的HTTPS服务。SSL(Secure Sockets Layer...
Apache SSL 模块详解 Apache SSL(Secure Sockets Layer)模块是Apache Web服务器的一个扩展,用于提供HTTPS服务,实现Web通信的加密和安全传输。SSL技术对于保护敏感数据,如网上银行交易、登录凭据和个人信息,至...
这通常涉及到下载OpenSSL二进制文件,将其添加到系统路径,然后在Apache的配置文件httpd.conf中修改或添加必要的SSL设置,如SSL证书和私钥的位置,以及启用SSL模块。 Apache的配置文件httpd.conf是控制服务器行为的...
反向代理则是Apache服务器的一种功能,它隐藏了实际的服务器,使得客户端的请求首先到达代理服务器,然后由代理服务器转发到实际的Web服务器,增加了安全性并提高了服务的响应速度。 ### Windows下Apache2.0+SSL...
Apache SSL 安装指南 Apache HTTP Server 是世界上最流行的开源Web服务器软件,而SSL(Secure Sockets Layer)则是一种用于加密网络通信的安全协议,常用于HTTPS服务,以保护数据传输的安全性。在Apache中配置SSL...
### Windows 下 Apache 配置 SSL 安全连接详解 #### 一、SSL 概述 SSL(Secure Socket Layer)是一种广泛应用于互联网上的安全通信协议,主要用于保护 HTTP 协议的安全传输。通过 SSL 加密,可以确保客户端与...
Apache SSL配置包括单向认证和双向认证,是保障Web服务器与客户端之间通信安全的重要手段。SSL(Secure Socket Layer)协议是实现HTTP安全传输的基础,它通过数字证书来验证服务器身份,确保数据在传输过程中不被...
4. **配置Apache**:在Apache的配置文件`httpd.conf`中,打开SSL模块,并指定SSL相关的配置,包括证书和私钥的位置。例如: ```apache Listen 443 *:443> ServerName your.domain.com SSLEngine on ...
Apache是广泛应用的开源Web服务器,而SSL(Secure Sockets Layer)或其更新版本TLS(Transport Layer Security)则是提供网络通信加密的重要协议,用于保护数据传输的安全性。本文将深入探讨如何在Windows上配置...
**Apache mod_ssl 插件详解** `mod_ssl` 是 Apache HTTP 服务器的一个核心模块,它提供了安全套接层 (SSL) 和传输层安全 (TLS) 协议的支持,用于实现安全的网页浏览和数据传输。这个插件是 Apache 与 HTTPS...
在Centos7.6平台下使用openssl给apache做自签名证书,并给apache设置HTTPS的SSL证书。(无坑版) 二、平台 [root@kahn.xiao ~]# uname -r 3.10.0-957.el7.x86_64 [root@kahn.xiao ~]# cat /etc/redhat-release ...
在Windows环境下配置Apache服务器以支持SSL(Secure Sockets Layer)是一项关键任务,它能确保网站数据传输的安全性,特别是对于涉及用户隐私信息的网站。SSL是互联网上的一种标准安全协议,用于加密通信并验证...
在本文中,我们将深入探讨Apache SSL的相关知识点,包括其原理、配置以及如何使用提供的压缩包文件进行安装。 1. **SSL/TLS协议**: - SSL/TLS是网络通信中用于保护数据传输的加密协议,它确保了用户和服务器之间...