标签:http
编辑]#vim /etc/httpd/conf.d/vhost1.conf文件
文件内容:
<VirtualHost 192.168.5.102:80>
serverName www1.magedu.com
DocumentRoot /data/vhost/www1
CustomLog logs/www1-access_log combined
ErrorLog logs/error_log
<Directory "/data/vhost/www1/"
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
编辑主配置文件/etc/httpd/conf/httpd.conf
找到status
<Location/server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from tom
</Location>
编辑主配置文佳
NameVirtualHost 192.168.5.102:80(去掉注释)
编辑]#vim /etc/httpd/conf.d/vhost2.conf文件
<VirtualHost 192.168.5.102:80>
serverName www2.magedu.com
DocumentRoot /data/vhost/www2
CustomLog logs/www1-access_log combined
ErrorLog logs/error_log
<Directory "/data/vhost/www1/"
Options None
AllowOverride None
Order allow,deny
deny from 192.168
</Directory>
</VirtualHost>
去掉注释NameVirtualHost 192.168.5.102:80
创建CA
在192.168.5.102主机创建CA
bs ~]# cd /etc/pki/CA/
]# (umask 066; openssl genrsa -out private/cakey.pem2048 (生成私钥)
CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem(生成自签名证书)
#touch /etc/pki/CA/index.txt
# echo 01 > /etc/pki/CA/serial
在服务端安装模块
# yum -y install mod_ssl
CA]# cd /etc/httpd/conf
tpd]# mkdir /etc/httpd/ssl
umask 066; openssl genrsa -out httpd.key 2048)(创建私钥)
openssl req -new -keyhttpd.key -days 365 -out /etc/httpd/ssl/httpd.csr (创建申请证书)
scp httpd.csr 192.168.5.103:/testdir
# openssl ca -in /testdir/httpd.csr-out /etc/pki/CA/httpd.crt -days 365(给httpd.csr签名)
scp /CA/httpd.crt 192.168.5.102:/etc/httpd/ssl
重启服务
www1
# vim /etc/httpd/conf.d/vhost1.conf(编辑文件)
<VirtualHost *:80>
ServerName www1.magedu.com
DocumentRoot /data/vhost/www1
CustomLog logs/www1-access_log combined
ErrorLog logs/error_log
<Directory "/data/vhost/www1">
# Options None
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
编辑主配置文件
<Location/server-status>
SetHandlerserver-status
Orderallow,deny
Allow from tom
</Location>
www2
# vim /etc/httpd/conf.d/vhost2.conf(编辑文件)
<VirtualHost *:80>
ServerName www2.magedu.com
DocumentRoot /data/vhost/www2
CustomLog logs/www1-access_log combined
ErrorLog logs/error_log
<Directory "/data/vhost/www1">
# Options None
AllowOverride None
Require not ip 192.168
</Directory>
</VirtualHost>
编辑主配置文件
<Location/server-status>
SetHandlerserver-status
Orderallow,deny
Allow from tom
</Location>
创建CA
在192.168.5.103主机创建CA
bs ~]# cd /etc/pki/CA/
]# (umask 066; openssl genrsa -out private/cakey.pem2048 (生成私钥)
CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem(生成自签名证书)
#touch /etc/pki/CA/index.txt
# echo 01 > /etc/pki/CA/serial
在服务端安装模块
# yum -y install mod_ssl
CA]# cd /etc/httpd/conf
tpd]# mkdir /etc/httpd/ssl
umask 066; openssl genrsa -out httpd.key 2048)(创建私钥)
openssl req -new -keyhttpd.key -days 365 -out /etc/httpd/ssl/httpd.csr (创建申请证书)
scp httpd.csr 192.168.5.102:/testdir
# openssl ca -in /testdir/httpd.csr-out /etc/pki/CA/httpd.crt -days 365(给httpd.csr签名)
scp /CA/httpd.crt 192.168.5.103:/etc/httpd/ssl
重启服务
标签:http
原文地址:http://11480311.blog.51cto.com/11470311/1835041
