[研究] Apache 2.4.25 (https) + OpenSSL 1.0.1e (yum)安裝(CentOS 7.3)
2016-12-30
CentOS 7.3 的 yum 目前只能安裝 httpd 到 2.4.6 版,如果想要安裝 2.4.25版
[root@localhost conf]# yum list | grep httpd.x86_64
httpd.x86_64 2.4.6-45.el7.centos base
libmicrohttpd.x86_64 0.9.33-2.el7 base
[root@localhost conf]# yum list | grep openssl.x86_64
openssl.x86_64 1:1.0.1e-60.el7 @anaconda
apr-util-openssl.x86_64 1.5.2-6.el7 base
xmlsec1-openssl.x86_64 1.2.20-5.el7 base
[root@localhost conf]#
開始安裝、啟動
yum -y install openssl-devel apr-util-devel pcre-devel gcc
cd /usr/local/src
wget http://apache.stu.edu.tw//httpd/httpd-2.4.25.tar.gz
tar xvfz httpd-2.4.25.tar.gz
cd httpd-2.4.25
./configure --enable-ssl --enable-cgid --enable-rewrite --enable-so
make
make install
echo "LoadModule ssl_module modules/mod_ssl.so" >> /usr/local/apache2/conf/httpd.conf
echo "LoadModule socache_shmcb_module modules/mod_socache_shmcb.so" >> /usr/local/apache2/conf/httpd.conf
echo "Include conf/extra/httpd-ssl.conf" >> /usr/local/apache2/conf/httpd.conf
cd /usr/local/apache2/conf
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
/usr/local/apache2/bin/httpd -k restart
如果要使用 AES256 加密,會要求輸入至少4位數的密碼,而且啟動 httpd 時候也會要求輸入,有些麻煩。
[root@localhost conf]# openssl genrsa -aes256 -out server.key 2048
Generating RSA private key, 2048 bit long modulus
.............................................................+++
....................+++
e is 65537 (0x10001)
Enter pass phrase for server.key:
139640097662880:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:869:You must type in 4 to 8191 characters
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:
[root@localhost conf]#
[root@localhost conf]# /usr/local/apache2/bin/httpd -k restart
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
httpd not running, trying to start
[root@localhost conf]#
(完)
相關
[研究] Apache 2.4.25 (https) + OpenSSL 1.0.1e (yum) 安裝(CentOS 7.3)
[研究] Apache HTTPd Web Server 2.4.6 + HTTPS (SSL) yum 安裝 (CentOS 7.2 x64)
http://shaurong.blogspot.com/2016/08/apache-httpd-web-server-246-https-ssl.html
沒有留言:
張貼留言