一、apache:
- 安装apache、ssl、openssl
yum -y install httpd httpd-pear mod_ssl openssl - 生成证书文件
openssl genrsa -out server.key 2048 openssl req -new -key server.key -out server.crt此步骤需要输入一些证书信息:(如果不想输入,也可一路回车)
Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:shanghai Locality Name (eg, city) [Default City]:shanghai Organization Name (eg, company) [Default Company Ltd]:ccc Organizational Unit Name (eg, section) []:bbb Common Name (eg, your name or your server's hostname) []:www.test.com Email Address []:a@a.com - 移到证书文件到apache配置目录下
mv {server.key,server.crt} /etc/httpd/conf/ - 修改nginx配置文件:
vim /etc/httpd/conf/httpd.conf
修改为刚才生成证书文件的路径 - 测试:
二、nginx: - 生成私钥文件:
openssl genrsa -des3 -out server.key 2048 - 去除口令:
mv server.key server.key.back openssl rsa -in server.key.back -out server.key - 创建请求证书:
openssl req -new -key server.key -out server.csr - 生成证书文件:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt - 修改nginx配置文件:
ssl on; ssl_certificate /etc/nginx/server.crt; ssl_certificate_key /etc/nginx/server.key;
- 测试:
本文转自 Lee_吉 博客,原文链接: http://blog.51cto.com/12173069/2057610
如需转载请自行联系原作者
