八、设置虚拟主机
配置虚拟主机以使用多个域名。
以下示例在域名为[linuxprobe.org],虚拟域名为[virtual.host(根目录[/home/wang/public_html]]的环境中设置。
必须为此示例设置Userdir的设置
| [1] 配置虚拟主机 [root@linuxprobe ~]# vi /etc/httpd/conf.d/vhost.conf # for original domain <VirtualHost *:80> DocumentRoot /var/www/html ServerName www.linuxprobe.org </VirtualHost> # for virtual domain <VirtualHost *:80> DocumentRoot /home/cent/public_html ServerName www.virtual.host ServerAdmin webmaster@virtual.host ErrorLog logs/virtual.host-error_log CustomLog logs/virtual.host-access_log combined </VirtualHost> [root@linuxprobe ~]# systemctl restart httpd [2]创建测试页并使用Web浏览器从客户端计算机访问它。如果显示以下页面,则是正确的: [cent@linuxprobe ~]$ vi ~/public_html/virtual.php <html> <body> <div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;"> Virtual Host Test Page </div> </body> </html> [3]如果访问测试时看不到相应页面,可通过下面命令进行测试: [root@linuxprobe ~]# yum -y install elinks^C [root@linuxprobe ~]# elinks http://www.virtual.host/virtual.php |
九、创建SSL证书
创建自己的SSL证书。但是,如果您使用您的服务器作为业务,最好购买和使用来自Verisigh的正式证书等。
| [root@linuxprobe ~]# cd /etc/pki/tls/cert cert.pem certs/ [root@linuxprobe ~]# cd /etc/pki/tls/certs/ [root@linuxprobe certs]# make server.key umask 77 ; /usr/bin/openssl genrsa -aes128 2048 > server.key Generating RSA private key, 2048 bit long modulus ...............................................................+++ ....................................................................................................+++ e is 65537 (0x10001) Enter pass phrase: Verifying - Enter pass phrase: [root@linuxprobe certs]# openssl rsa -in server.key -out server.key Enter pass phrase for server.key: writing RSA key [root@linuxprobe certs]# make server.csr umask 77 ; /usr/bin/openssl req -utf8 -new -key server.key -out server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN #国家后缀 State or Province Name (full name) []:Shanghai #省 Locality Name (eg, city) [Default City]:Shanghai #市 Organization Name (eg, company) [Default Company Ltd]:LinuxProbe #公司 Organizational Unit Name (eg, section) []:DevOps #部门 Common Name (eg, your name or your server's hostname) []:linuxprobe.org #主机名 Email Address []:root@linuxprobe.org #邮箱 Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: #默认 An optional company name []: #默认 # [root@linuxprobe certs]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650 Signature ok subject=/C=CN/ST=Shanghai/L=Shanghai/O=LinuxProbe/OU=DevOps/CN=linuxprobe.org/emailAddress=root@linuxprobe.org Getting Private key |
