一、配置https
1、安裝好httpd服務后,安裝mod_ssl模塊
//首先查看是否安裝mod_ssl [root@localhost ~]# rpm -qa | grep mod_ssl //安裝mod_ssl模塊 [root@localhost ~]# yum install -y mod_ssl ........... Installed: mod_ssl-1:2.4.37-16.module+el8.1.0+4134+e6bad0ed.x86_64 sscg-2.3.3-6.el8.x86_64 Complete!
2、在/etc/httpd/conf.modules.d/目錄查看是否z自動生成00-ssl.conf文件
[root@localhost ~]# cd /etc/httpd/conf.modules.d/ [root@localhost conf.modules.d]# ls 00-base.conf 00-dav.conf 00-lua.conf 00-mpm.conf 00-optional.conf 00-proxy.conf 00-ssl.conf 00-systemd.conf 01-cgi.conf 10-h2.conf 10-proxy_h2.conf README //查看00-ssl.conf里面,如下內容是否取消了注釋,如果沒有就取消注釋 LoadModule ssl_module modules/mod_ssl.so
3、生成證書
4、在/etc/httpd/conf.d/ssl.conf文件里配置證書的位置
[root@localhost ~]# cd /etc/httpd/conf.d/ [root@localhost conf.d]# ls autoindex.conf httpd-vhosts.conf README ssl.conf userdir.conf welcome.conf [root@localhost conf.d]# vim ssl.conf .......... DocumentRoot "/var/www/html/test1" //取消該行的注釋,修主目錄的位置 ServerName www.qiangge.com:443 //取消該行的注釋,修改域名(主機名) .......... SSLCertificateFile /etc/httpd/ssl/httpd.crt //修改http存放證書的絕對路徑 .......... SSLCertificateKeyFile /etc/httpd/ssl/httpd.key //修改http存放密鑰文件的絕對路徑 ..........
5、重啟httpd服務
//首先檢測配置文件語法是否出錯
[root@localhost ~]# httpd -t
Syntax OK
//重啟httpd服務
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=1020,fd=4))
LISTEN0 128 *:80 *:* users:(("httpd",pid=19290,fd=4),("httpd",pid=19289,fd=4),("httpd",pid=19288,fd=4),("httpd",pid=19286,fd=4))
LISTEN0 128 [::]:22 [::]:* users:(("sshd",pid=1020,fd=6))
LISTEN0 128 *:443 *:* users:(("httpd",pid=19290,fd=9),("httpd",pid=19289,fd=9),("httpd",pid=19288,fd=9),("httpd",pid=19286,fd=9))
//443端口已經監聽,說明https配置成功
6、瀏覽器使用https訪問
