centos6.8+apache+https的简单搭建

很多理论知识这里就不提了，如果要深入了解建议先去了解下理论再来看会很容易看懂，下面直接操了。 


环境： 
CentOS release 6.8 (Final) 
apache-2.4.25 


1、查看现有apache是否有编译安装过ssl模块 
/usr/local/apache/bin/apachectl-l2、没有的话需要添加ssl模块，apache是以嵌入的方式添加模块的 
/usr/local/apache/bin/apxs-i-c-a-L/usr/lib64/openssl/engines/lib-c*.c-lcrypto-lssl-ldl/usr/local/apache/bin/apxs-c-imod_ssl.c/usr/local/apache/bin/apxs-c-imod_ssl.loll/usr/local/apache/modules|grepssl3、开启ssl扩展功能 
sed-i's/\#Includeconf\/extra\/httpd-ssl.conf/Includeconf\/extra\/httpd-ssl.conf/'/usr/local/apache/conf/httpd.confsed-n'140p'/usr/local/apache/conf/httpd.confLoadModulessl_modulemodules/mod_ssl.so4、生成不可信任额证书，公钥加密，私钥解密。私钥加密，公钥解密 
生成服务器私钥 
opensslgenrsa-des3-outserver.key2048生成服务器证书请求，并按照要求填写相关证书信息 
opensslreq-new-keyserver.key-outserver.csr签证： 
opensslx509-req-days3650-inserver.csr-signkeyserver.key-outserver.crt5、修改虚拟主机 

sed-n'22,33p'/usr/local/apache/conf/extra/httpd-vhosts.conf#<VirtualHost*:443>ServerAdmin1009422178@qq.comDocumentRoot"/var/www/html"ServerNamewww.www.fangqiweb.orgServerAliaswww.fangqi.web.orgSSLEngineonSSLCertificateFile/usr/local/apache/conf/server.crtSSLCertificateKeyFile/usr/local/apache/conf/server.keyErrorLog"logs/error/www-error_log"CustomLog"|/usr/local/sbin/cronolog/service/apache/logs/access/www-%Y%m%d_log"combined</VirtualHost>6、添加监听端口 
sed-i'53a\Listen443'httpd.conf 

7、检查语法，重启apache 
/usr/local/apache/bin/apachectl-t/usr/local/apache/bin/apachectlrestart 

8、测试访问 

9、如果访问不了 
防火墙是否允许了https通过 
vhost配置文件是否配置错误 
apache的主配置文件是否有错误，或者缺少vhost里的目录位置信息 
apache的监听端口是否开启 
apache是否有正确添加ssl模块 


常见错误： 
/usr/local/apache/bin/apachectl -t 
httpd: Syntax error on line 141 of /usr/local/apache-2.4.25/conf/httpd.conf: Cannot load modules/mod_ssl.so into server: /usr/local/apache-2.4.25/modules/mod_ssl.so: undefined symbol: ssl_cmd_SSLPassPhraseDialog 
解决： 
/usr/local/apache/bin/apxs -a -i -c -L /usr/lib64/openssl/engines/lib -c *.c -lcrypto -lssl -ldl

了解更多网络知识关注：http://www.vecloud.com/