重庆分公司,新征程启航
为企业提供网站建设、域名注册、服务器等服务
一.httpd-2.2版本安装及配置
创新互联建站是一家集网站建设,高台企业网站建设,高台品牌网站建设,网站定制,高台网站建设报价,网络营销,网络优化,高台网站推广为一体的创新建站企业,帮助传统企业提升企业形象加强企业竞争力。可充分满足这一群体相比中小企业更为丰富、高端、多元的互联网需求。同时我们时刻保持专业、时尚、前沿,时刻以成就客户成长自我,坚持不断学习、思考、沉淀、净化自己,让我们为更多的企业打造出实用型网站。
1.安装httpd-2.2.3
# yun -y install httpd
2.查看httpd安装生成的文件
# rpm -ql httpd | less
3.启动服务
# service httpd start
4.开机自动启动服务
# chkconfig --add httpd
# chkconfig --level 345 httpd on
5.建立测试页面
# cd /var/www/html
# vim index.html
6.httpd服务的配置文件
# cd /etc/httpd/conf/
# cp httpd.conf httpd.conf.bak
7.编辑配置文件
# vim httpd.conf
ServerTokens Major
KeepAlive On
8.修改网站根目录
DocumentRoot "/web/html"
Options none
AllowOverride None
Order deny,allow
Deny from 192.168.0.1 172.16.100.177
9.检测配置文件是否语法正确
# httpd -t
10.linux下使用纯文本浏览器
# elinks http://ip
11.限定用户访问网站
AllowOverride AuthConfig
AuthType Basic
AuthName "Restricted Files"
AuthUserFile "/etc/httpd/conf/htpasswd"
Require valid-user 或 Require user hadoop
12.建立限定用户文件
# htpasswd -c -m /etc/httpd/conf/htpasswd hadoop
# htpasswd -m /etc/httpd/conf/htpasswd tom
13.重启服务
# service httpd restart
14.在电脑浏览器上测试是否设置成功(限定用户)
15.基于组限定访问
AllowOverride AuthConfig
AuthType Basic
AuthName "Restricted Files"
AuthUserFile "/etc/httpd/conf/htpasswd"
AuthGroupFile "/etc/httpd/conf/htgroup"
Require group myusers
16.建立用户组文件
# vim /etc/httpd/conf/htgroup
myusers: hadoop tom
17.重启服务
# service httpd restart
18.htpasswd命令删除用户
# htpasswd -D hadoop
19.虚拟主机的配置
首先要注释中心主机 DocumentRoot
20.在/etc/httpd/conf.d/目录下建立虚拟机配置文件
# vim /etc/httpd/conf.d/virtual.conf
NameVirtualHost 172.16.100.1:80
ServerName www.luochen.com DocumentRoot "/web/luochen" CustomLog /var/log/httpd/luochen/access_log combined Options none AllowOverride AuthConfig AuthType Basic AuthName "Restricted Files" AuthUserFile "/etc/httpd/conf/htpasswd" Require valid-user 或 Require user hadoop
ServerName www.luo.com DocumentRoot "/web/luo" CustomLog /var/log/httpd/luo/access_log combined Options none AllowOverride None Order deny,allow Deny from 192.168.0.1 172.16.100.177
21.编辑windows下的hosts文件
172.16.100.1 www.luochen.com
172.16.100.1 www.luo.com
22.安装mod_ssl模块(htppd基于rpm包安装时)
# yum -y install mod_ssl
23.查看mod_ssl安装生成那些文件
# rpm -ql mod_ssl
24.自建CA (在172.16.100.10主机上)
# cd /etc/pki/CA
# (umask 077; openssl genrsa -out private/cakey.pem 2048; )
# vim /etc/pki/tls/openssl.cnf
[ req_distinguished_name ]
countryName_Default = CN
setOrProvinceName_default = HB
localityName_default = WUHAN
0.organizationName_default = COLLEGE
organizationalUnitName_default = Tech
25.# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3650
hostname ca.luochen.com
26.编辑openssl文件
dir = /etc/pki/CA
27.创建相应的目录文件
# mkdir certs newcerts crl
# touch index.txt
# echo 01 > serial
28.在httpd服务目录下创建ssl目录(在172.16.100.1主机上)
# mkdir /etc/httpd/ssl
# (umask 077; openssl genrsa 2048 > httpd.key) //生成密钥
# openssl req -new -key httpd.key -out httpd.csr //生成证书颁发请求
hostname === ServerName
# scp http.csr 172.16.100.10:/tmp //将证书颁发请求复制到服务器端
29.在172.16.100.10主机上
# openssl ca -in /tmp/httpd.csr -out /tmp/httpd.crt -daya 3650 //生成证书
# cat /etc/pki/CA/serial //显示02即成功
30.将证书复制到客户端主机上(172.16.100.1)
# scp 172.16.100.10/tmp/httpd.crt ./ //将证书复制到客户端主机上
31.删除tmp目录下所有文件
# vim rm -rf ./*
32.编辑/etc/httpd/conf.d/ssl.conf 文件(172.16.100.1)
# vim /etc/httpd/conf.d/ssl.conf
ServerName www.luochen.com
DocumentRoot "/web/www/luochen"
SSLCertificateFile /etc/httpd/ssl/httpd.crt
SSLCertificateKeyFile /etc/httpd/ssl/httpd.key
33.重启httpd服务器
# service httpd restart
34.将CA的证书复制到windows主机上
/etc/pki/CA/cacert.pem //在172.16.100.10
35.在Windows主机上对证书进行重命名
cacert.pem cacert.crt
36.双击安装证书
37.最后在浏览器用https协议访问 验证