1.新建一个虚拟主机,我们配置域名为apache.v5linux.com
cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf /etc/httpd/conf.d/01-v5linux.com.conf2.修改配置文件
# vim 01-v5linux.com.conf <VirtualHost *:80> #ServerAdmin webmaster@dummy-host.example.com DocumentRoot "/var/www/v5linux/" ServerName apache.v5linux.com ServerAlias apache.v5linux.com ErrorLog "/var/log/httpd/apache-v5linux-error_log" CustomLog "/var/log/httpd/apache-v5linux-access_log" common </VirtualHost>3.重启apache
[root@centos-1gb-sfo2-01 conf.d]# systemctl enable httpd Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. [root@centos-1gb-sfo2-01 conf.d]# systemctl start httpd4.创建目录
[root@centos-1gb-sfo2-01 conf.d]# cd /var/www/ [root@centos-1gb-sfo2-01 www]# mkdir v5linux5.写入一个测试html
[root@centos-1gb-sfo2-01 v5linux]# vim index.html [root@centos-1gb-sfo2-01 v5linux]# cat index.html this is apache.v5linux.com6.做下域名解析,指向apache.v5linux.com 然后等解析生效后访问
配置证书 申请证书
查看这篇文章 https://awen.me/post/248023261.html
申请成功,会有提示
[Tue Jul 25 08:24:08 UTC 2017] Your cert is in /root/.acme.sh/apache.v5linux.com/apache.v5linux.com.cer [Tue Jul 25 08:24:08 UTC 2017] Your cert key is in /root/.acme.sh/apache.v5linux.com/apache.v5linux.com.key [Tue Jul 25 08:24:08 UTC 2017] The intermediate CA cert is in /root/.acme.sh/apache.v5linux.com/ca.cer [Tue Jul 25 08:24:08 UTC 2017] And the full chain certs is there: /root/.acme.sh/apache.v5linux.com/fullchain.cer将证书拷贝到/etc/httpd/ssl目录,当然您愿意放哪里都可以
[root@centos-1gb-sfo2-01 conf]# mkdir /etc/httpd/ssl [root@centos-1gb-sfo2-01 conf]# cp -rf /root/.acme.sh/apache.v5linux.com/ /etc/httpd/ssl/ 安装apache ssl模块1.安装
yum install -y mod_ssl2.查看
[root@centos-1gb-sfo2-01 conf.modules.d]# ls /etc/httpd/modules/ | grep "mod_ssl" mod_ssl.so3.其配置文件在/etc/httpd/conf.modules.d下的00-ssl.conf
[root@centos-1gb-sfo2-01 conf.modules.d]# ls 00-base.conf 00-dav.conf 00-lua.conf 00-mpm.conf 00-proxy.conf 00-ssl.conf 00-systemd.conf 01-cgi.conf [root@centos-1gb-sfo2-01 conf.modules.d]# vim 00-ssl.conf [root@centos-1gb-sfo2-01 conf.modules.d]# cat 00-ssl.conf LoadModule ssl_module modules/mod_ssl.so5.编辑etc/httpd/conf.d/ssl.conf 文件,修改如下几行
<VirtualHost _default_:443> # General setup for the virtual host, inherited from global configuration DocumentRoot "/var/www/v5linux" #修改为自己的web目录 ServerName apache.v5linux.com:443 # 修改为自己的域名 SSLCertificateFile /etc/pki/tls/certs/localhost.crt #修改为自己的公钥路径 SSLCertificateKeyFile /etc/pki/tls/private/localhost.key #修改为自己的私钥路径如图所示
然后重启httpd
systemctl restart httpd再次访问
这种方法是http也可以访问,https也可以访问,如果说你希望访问http跳转到https,则修改/etc/httpd/conf.d/01-v5linux.com.conf端口的配置
<VirtualHost *:80> #ServerAdmin webmaster@dummy-host.example.com DocumentRoot "/var/www/v5linux/" ServerName apache.v5linux.com ServerAlias apache.v5linux.com ErrorLog "/var/log/httpd/apache-v5linux-error_log" CustomLog "/var/log/httpd/apache-v5linux-access_log" common #开启rewrite RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)?$ https://%{SERVER_NAME}/ [L,R] </VirtualHost>
