Php 独立Wamp服务器ssl身份验证设置
想要从Apache、PHP和MySQL中设置一个可移植服务器,所有这些都来自最新的二进制文件 下载和配置彼此,但有2个问题,我认为这只是一个。 第一: 我在httpd.conf中将loglevel设置为Info,并启动了服务器。 Error.log包含:Php 独立Wamp服务器ssl身份验证设置,php,mysql,windows,apache,Php,Mysql,Windows,Apache,想要从Apache、PHP和MySQL中设置一个可移植服务器,所有这些都来自最新的二进制文件 下载和配置彼此,但有2个问题,我认为这只是一个。 第一: 我在httpd.conf中将loglevel设置为Info,并启动了服务器。 Error.log包含: [Sat Aug 25 17:32:35.246609 2018] [ssl:info] [pid 13736:tid 592] AH01887: Init: Initializing (virtual) servers for SSL [Sa
[Sat Aug 25 17:32:35.246609 2018] [ssl:info] [pid 13736:tid 592] AH01887: Init: Initializing (virtual) servers for SSL
[Sat Aug 25 17:32:35.246609 2018] [ssl:info] [pid 13736:tid 592] AH01914: Configuring server servertwo.tld:443 for SSL protocol
[Sat Aug 25 17:32:35.247609 2018] [ssl:info] [pid 13736:tid 592] AH02568: Certificate and private key servertwo.tld:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/servertwo.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/servertwo.key
[Sat Aug 25 17:32:35.247609 2018] [ssl:info] [pid 13736:tid 592] AH01914: Configuring server serverone.tld:443 for SSL protocol
[Sat Aug 25 17:32:35.247609 2018] [ssl:info] [pid 13736:tid 592] AH02568: Certificate and private key serverone.tld:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/serverone.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/serverone.key
[Sat Aug 25 17:32:35.249606 2018] [ssl:info] [pid 13736:tid 592] AH01914: Configuring server localhost:443 for SSL protocol
[Sat Aug 25 17:32:35.250605 2018] [ssl:warn] [pid 13736:tid 592] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Sat Aug 25 17:32:35.250605 2018] [ssl:info] [pid 13736:tid 592] AH02568: Certificate and private key localhost:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/server.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/server.key
[Sat Aug 25 17:32:35.250605 2018] [ssl:info] [pid 13736:tid 592] AH01876: mod_ssl/2.4.34 compiled against Server: Apache/2.4.34, Library: OpenSSL/1.1.0h
[Sat Aug 25 17:32:35.284684 2018] [socache_shmcb:info] [pid 13736:tid 592] AH00830: Shared memory socache initialised
[Sat Aug 25 17:32:35.284684 2018] [ssl:info] [pid 13736:tid 592] AH01887: Init: Initializing (virtual) servers for SSL
[Sat Aug 25 17:32:35.284684 2018] [ssl:info] [pid 13736:tid 592] AH01914: Configuring server servertwo.tld:443 for SSL protocol
[Sat Aug 25 17:32:35.285683 2018] [ssl:info] [pid 13736:tid 592] AH02568: Certificate and private key servertwo.tld:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/servertwo.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/servertwo.key
[Sat Aug 25 17:32:35.285683 2018] [ssl:info] [pid 13736:tid 592] AH01914: Configuring server serverone.tld:443 for SSL protocol
[Sat Aug 25 17:32:35.285683 2018] [ssl:info] [pid 13736:tid 592] AH02568: Certificate and private key serverone.tld:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/serverone.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/serverone.key
[Sat Aug 25 17:32:35.286682 2018] [ssl:info] [pid 13736:tid 592] AH01914: Configuring server localhost:443 for SSL protocol
[Sat Aug 25 17:32:35.286682 2018] [ssl:warn] [pid 13736:tid 592] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Sat Aug 25 17:32:35.286682 2018] [ssl:info] [pid 13736:tid 592] AH02568: Certificate and private key localhost:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/server.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/server.key
[Sat Aug 25 17:32:35.286682 2018] [ssl:info] [pid 13736:tid 592] AH01876: mod_ssl/2.4.34 compiled against Server: Apache/2.4.34, Library: OpenSSL/1.1.0h
[Sat Aug 25 17:32:35.297671 2018] [mpm_winnt:notice] [pid 13736:tid 592] AH00455: Apache/2.4.34 (Win64) OpenSSL/1.1.0h PHP/7.2.9 configured -- resuming normal operations
[Sat Aug 25 17:32:35.297671 2018] [mpm_winnt:notice] [pid 13736:tid 592] AH00456: Server built: Jul 10 2018 10:15:24
[Sat Aug 25 17:32:35.297671 2018] [mpm_winnt:info] [pid 13736:tid 592] AH80000: Distributed by: The Apache Haus
[Sat Aug 25 17:32:35.297671 2018] [mpm_winnt:info] [pid 13736:tid 592] AH80001: Compiled with: Visual Studio 2015
[Sat Aug 25 17:32:35.297671 2018] [core:notice] [pid 13736:tid 592] AH00094: Command line: 'Apache_2.4.34/bin/httpd.exe -d C:/wamp_p/Apache_2.4.34'
[Sat Aug 25 17:32:35.300667 2018] [mpm_winnt:notice] [pid 13736:tid 592] AH00418: Parent: Created child process 14088
[Sat Aug 25 17:32:35.660294 2018] [ssl:info] [pid 14088:tid 652] AH01887: Init: Initializing (virtual) servers for SSL
[Sat Aug 25 17:32:35.660294 2018] [ssl:info] [pid 14088:tid 652] AH01914: Configuring server servertwo.tld:443 for SSL protocol
[Sat Aug 25 17:32:35.661293 2018] [ssl:info] [pid 14088:tid 652] AH02568: Certificate and private key servertwo.tld:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/servertwo.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/servertwo.key
[Sat Aug 25 17:32:35.661293 2018] [ssl:info] [pid 14088:tid 652] AH01914: Configuring server serverone.tld:443 for SSL protocol
[Sat Aug 25 17:32:35.661293 2018] [ssl:info] [pid 14088:tid 652] AH02568: Certificate and private key serverone.tld:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/serverone.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/serverone.key
[Sat Aug 25 17:32:35.662292 2018] [ssl:info] [pid 14088:tid 652] AH01914: Configuring server localhost:443 for SSL protocol
[Sat Aug 25 17:32:35.662292 2018] [ssl:warn] [pid 14088:tid 652] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Sat Aug 25 17:32:35.662292 2018] [ssl:info] [pid 14088:tid 652] AH02568: Certificate and private key localhost:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/server.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/server.key
[Sat Aug 25 17:32:35.662292 2018] [ssl:info] [pid 14088:tid 652] AH01876: mod_ssl/2.4.34 compiled against Server: Apache/2.4.34, Library: OpenSSL/1.1.0h
[Sat Aug 25 17:32:35.688265 2018] [socache_shmcb:info] [pid 14088:tid 652] AH00830: Shared memory socache initialised
[Sat Aug 25 17:32:35.688265 2018] [ssl:info] [pid 14088:tid 652] AH01887: Init: Initializing (virtual) servers for SSL
[Sat Aug 25 17:32:35.688265 2018] [ssl:info] [pid 14088:tid 652] AH01914: Configuring server servertwo.tld:443 for SSL protocol
[Sat Aug 25 17:32:35.688265 2018] [ssl:info] [pid 14088:tid 652] AH02568: Certificate and private key servertwo.tld:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/servertwo.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/servertwo.key
[Sat Aug 25 17:32:35.688265 2018] [ssl:info] [pid 14088:tid 652] AH01914: Configuring server serverone.tld:443 for SSL protocol
[Sat Aug 25 17:32:35.689264 2018] [ssl:info] [pid 14088:tid 652] AH02568: Certificate and private key serverone.tld:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/serverone.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/serverone.key
[Sat Aug 25 17:32:35.689264 2018] [ssl:info] [pid 14088:tid 652] AH01914: Configuring server localhost:443 for SSL protocol
[Sat Aug 25 17:32:35.689264 2018] [ssl:warn] [pid 14088:tid 652] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Sat Aug 25 17:32:35.689264 2018] [ssl:info] [pid 14088:tid 652] AH02568: Certificate and private key localhost:443:0 configured from C:/wamp_p/Apache_2.4.34/conf/ssl/server.crt and C:/wamp_p/Apache_2.4.34/conf/ssl/server.key
[Sat Aug 25 17:32:35.689264 2018] [ssl:info] [pid 14088:tid 652] AH01876: mod_ssl/2.4.34 compiled against Server: Apache/2.4.34, Library: OpenSSL/1.1.0h
[Sat Aug 25 17:32:35.703250 2018] [mpm_winnt:notice] [pid 14088:tid 652] AH00354: Child: Starting 64 worker threads.
[ssl:warn][pid 14088:tid 652]AH01909:localhost:443:0服务器证书未包含与服务器名称匹配的ID行表示证书有问题
httpd.conf包含以下相关行:
LoadModule ssl_module modules/mod_ssl.so
<IfModule ssl_module>
#Include conf/extra/httpd-ssl.conf
Include conf/extra/httpd-ahssl.conf
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
httpd-ahssl.conf是原始的,没有更改
PHPinfo相关输出为
当我将Apache安装为系统服务时,由于此错误,它不会启动,但我可以手动或使用netstart命令启动它,并且它可以正常工作
第二:
我安装了phpmyadmin,但没有配置服务器(没有复制ini)。
当我尝试使用测试帐户登录时,它是无法登录的。
错误是显而易见的
当我打开cmd并使用mysql-u test-p登录时,它可以工作,我也可以使用phpmyadmin登录。
在sql server和/或http server未重新启动之前,任何时候都可以使用在此会话中也登录到控制台的用户登录
那是属于ssl的吗
我在php.ini和httpd.conf上也对其进行了评论,服务器重新启动,但登录问题仍然存在
我需要做什么?
谢谢
更新1:
我试图生成新证书,但遇到了麻烦。它找不到配置文件,但它在那里搜索配置文件。双重检查:
c:\wamp_p\Apache_2.4.34\bin>openssl req -new -x509 -nodes -out server.crt -keyout server.key
Can't open 'C:\wamp_p\Apache_2.4.34\conf\openssl.cnf' for reading, Invalid argument
1664:error:0200107B:system library:fopen:Unknown error:crypto\bio\bss_file.c:74:fopen(''C:\wamp_p\Apache_2.4.34\conf\openssl.cnf'','rb')
1664:error:2006D002:BIO routines:BIO_new_file:system lib:crypto\bio\bss_file.c:83:
1664:error:0E078002:configuration file routines:def_load:system lib:crypto\conf\conf_def.c:152:
1664:error:0200107B:system library:fopen:Unknown error:crypto\bio\bss_file.c:74:fopen(''C:\wamp_p\Apache_2.4.34\conf\openssl.cnf'','r')
1664:error:2006D002:BIO routines:BIO_new_file:system lib:crypto\bio\bss_file.c:83:
Generating a 2048 bit RSA private key
......+++
..........................................................+++
writing new private key to 'server.key'
-----
unable to find 'distinguished_name' in config
problems making Certificate Request
1664:error:0E06D06A:configuration file routines:NCONF_get_string:no conf or environment variable:crypto\conf\conf_lib.c:272:
我安装了一个xampp安装程序,并从中获取server.key和server.crt文件,将nad复制到我的apache conf/ssl目录,并覆盖原始文件
启动服务器后,在error.log中找不到SSL:Warn记录
openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -keyout server.key -out server.crt -config "C:\wamp_p\Apache_2.4.34\conf\openssl.cnf"
PhpMyAdmin仍然无法登录,直到我没有使用测试用户的mysql.exe登录。我不明白windows终端和webbrowser phpmyadmin之间的连接是什么
当我使用phpmyadmin a成功登录,并看到ssl未被使用时
更新2:
我认为这不是ssl证书问题。
这是console和webbrowser中的逐步测试代码:
----------------- Windows command line -----------------
c:\wamp_p\mysql_8.0.12\bin>net stop mysql
The MySQL service is stopping.
The MySQL service was stopped successfully.
----------------- Chrome browser with sqltest.php -----------------
Warning: mysqli_connect(): (HY000/2002): No connection could be made because the target machine actively refused it. in C:\wamp_p\htdocs\sql.php on line 3
Error: Unable to connect to MySQL. Debugging errno: 2002 Debugging error: No connection could be made because the target machine actively refused it.
----------------- Windows command line -----------------
c:\wamp_p\mysql_8.0.12\bin>net start mysql
The MySQL service is starting.
The MySQL service was started successfully.
----------------- Chrome browser with sqltest.php -----------------
Warning: mysqli_connect(): PHP was built without openssl extension, can't send password encrypted in C:\wamp_p\htdocs\sql.php on line 3
Warning: mysqli_connect(): (HY000/1045): Access denied for user 'test'@'localhost' (using password: YES) in C:\wamp_p\htdocs\sql.php on line 3
Error: Unable to connect to MySQL. Debugging errno: 1045 Debugging error: Access denied for user 'test'@'localhost' (using password: YES)
----------------- Windows command line -----------------
c:\wamp_p\mysql_8.0.12\bin>mysql -u test -p
Enter password: ****
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.12 MySQL Community Server - GPL
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
----------------- Chrome browser with sqltest.php -----------------
Warning: mysqli_connect(): (HY000/1049): Unknown database 'my_db' in C:\wamp_p\htdocs\sql.php on line 3
Error: Unable to connect to MySQL. Debugging errno: 1049 Debugging error: Unknown database 'my_db'
----------------- Windows command line -----------------
mysql> quit
Bye
c:\wamp_p\mysql_8.0.12\bin>
----------------- Chrome browser with sqltest.php -----------------
Warning: mysqli_connect(): (HY000/1049): Unknown database 'my_db' in C:\wamp_p\htdocs\sql.php on line 3
Error: Unable to connect to MySQL. Debugging errno: 1049 Debugging error: Unknown database 'my_db'
更新3:
Mysql服务器8更改了密码,因此使其强制回退到旧密码插件来解决登录问题。
使用以下内容将my.ini安装到mysql服务器:
[mysqld]
default_authentication_plugin=mysql_native_password
到第一部分: 在apache bin目录中找到Openssh.exe 在virtualserver指令的apache/conf/extra/httpd-ahssl.conf文件中找到服务器名称。在我的例子中,它是localhost Openssh.cnf位于apache conf目录中 生成密钥和CRT文件,并将其复制到conf/ssl dir,然后重新启动服务器
openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -keyout server.key -out server.crt -config "C:\wamp_p\Apache_2.4.34\conf\openssl.cnf"
到第二部分(对于phpmyadmin):
默认情况下,MySQL服务器8有一个新的密码验证插件。
要将原始密码插件应用于mysql目录根目录,请创建my.ini
[mysqld]
default_authentication_plugin=mysql_native_password
如果已经创建了用户,则需要对其进行更改。
您可以使用检查用户的密码验证插件
USE MYSQL;
SELECT user,host,plugin from user;
再见 我不建议共享您的证书,但我认为您的问题在于此,正如您在第二张图片中看到的,openssl已启用,但phpinfo在\apache24\conf/openssl.cnf中显示了openssl默认配置。它正好位于C:\wamp\u p\Apache\u 2.4.34\conf\openssl.cnf中。我在php.ini、httpd.conf、http-ahssl.conf中找不到此apache24字符串的任何配置设置。也许它是在php openssl扩展中硬编码的?