Fatal编程技术网
  • apache/
  • 在Redhat linux中配置ssl apache

在Redhat linux中配置ssl apache

apache

在Redhat linux中配置ssl apache,apache,ssl-certificate,p7b,Apache,Ssl Certificate,P7b,我有一台配置了ssl的apache服务器 SSLCertificateFile /etc/certs/localhost.crt SSLCertificateKeyFile /etc/private/localhost.key 现在我需要用我们部门提供的新证书替换证书。 为此,我共享了csr,他们将证书发回 现在,他们共享的文件是*.p7b,其中包含PEM/base64编码格式的证书。是一个.p7b文件,其中包含DER编码的证书和颁发的CA证书 但是在apachessl.conf中,我需要提

我有一台配置了ssl的apache服务器

SSLCertificateFile /etc/certs/localhost.crt 
SSLCertificateKeyFile /etc/private/localhost.key
现在我需要用我们部门提供的新证书替换证书。 为此,我共享了csr,他们将证书发回

现在,他们共享的文件是*.p7b,其中包含PEM/base64编码格式的证书。是一个.p7b文件,其中包含DER编码的证书和颁发的CA证书

但是在apachessl.conf中,我需要提供crt文件。如何从p7b获取crt文件在Red Hat Linux server/CentOS 7上安装openssl

首先,我们需要在服务器上安装httpd,要安装httpd,请键入以下命令, yum安装httpd

在安装了httpd之后,现在我们需要安装mod_ssl, yum安装mod_ssl

现在,我们已经在服务器上安装了openssl, yum安装openssl

在安装httpd、mod_ssl和openssl之后,我们需要使用下面的命令生成密钥, openssl genrsa-out ca.key 2048

openssl req-new-key ca.key-out ca.csr按enter键可以跳过步骤

openssl x509-req-days 365-in ca.csr-signkey ca.key-out ca.cert

cp ca.crt/etc/pki/tls/certs

cp ca.key/etc/pki/tls/private/

cp ca.csr/etc/pki/tls/private

vim/etc/httpd/conf.d/ssl.conf

SSLCertificateFile/etc/pki/tls/certs/localhost.crt

取而代之

SSLCertificateFile /etc/pki/tls/certs/ca.crt

SSLCertificateKeyFile /etc/pki/tls/private/ca.key


  11. httpd -t (check whether the above change are correct or not)

  12. vim /etc/httpd/conf/httpd.conf

Go to the bottom of the file and write

<VirtaulHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/ca.key
    servername localhost
    Documentroot /var/www/html
</VirtualHost>
Save & Exit

 13. httpd -t (check whether the above change are correct or not)

 14. firewall-cmd –permanent –add-service=https

 15. firewall-cmd –permanent –add-port=443/tcp

 16. firewall-cmd  --reload

 17. service httpd restart

取而代之

SSLCertificateFile /etc/pki/tls/certs/ca.crt

SSLCertificateKeyFile /etc/pki/tls/private/ca.key


  11. httpd -t (check whether the above change are correct or not)

  12. vim /etc/httpd/conf/httpd.conf

Go to the bottom of the file and write

<VirtaulHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/ca.key
    servername localhost
    Documentroot /var/www/html
</VirtualHost>
Save & Exit

 13. httpd -t (check whether the above change are correct or not)

 14. firewall-cmd –permanent –add-service=https

 15. firewall-cmd –permanent –add-port=443/tcp

 16. firewall-cmd  --reload

 17. service httpd restart