HTTPS的配置

准备

假设CentOS7 已经安装了Apache Web服务器.

yum install mod_ssl openssl

安装完毕后，会自动生成 /etc/httpd/conf.d/ssl.conf 文件

然后就是相关的证书要准备好 @H_301_15@ @H_301_15@ 这里用的是腾讯云免费的TrustAsia的SSL证书，解压后取Apache的证书传至服务器。 @H_301_15@ @H_301_15@ 上传至服务器后，接下来配置Apache @H_301_15@ 配置Apache Web服务器

首先，修改下面的配置文件。只需要需配置红色部分 SSLCertificateFile 和 SSLCertificateKeyFile，把目录换成你所对应的上传证书的目录

# vim /etc/httpd/conf.d/ssl.conf

# @H_301_15@ # When we also provide SSL we have to listen to the @H_301_15@ # the HTTPS port in addition. @H_301_15@ # @H_301_15@ Listen 443 https

## @H_301_15@ ## SSL Virtual Host Context @H_301_15@ ##

@H_301_15@ # General setup for the virtual host,inherited from global configuration

DocumentRoot “/var/www/html/a.com” @H_301_15@ ServerName www.a.com:443

### overwrite the following parameters ### @H_301_15@ @H_301_15@ SSLCertificateFile /etc/pki/tls/certs/server.crt @H_301_15@ SSLCertificateKeyFile /etc/pki/tls/private/server.key @H_301_15@ @H_301_15@ ### The following parameter does not need to be modified in case of a self-signed certificate. ### @H_301_15@ ### If you are using a real certificate,you may receive a certificate bundle. The bundle is added using the following parameters ### @H_301_15@ SSLCertificateChainFile /etc/pki/tls/certs/example.com.ca-bundle

然后，重新启动httpd服务使更改生效

systemctl restart httpd

Web服务器现在就可以使用HTTPS啦