1, 生成 server.key
sudo openssl genrsa -des3 -out server.key 1024
运行结果
Generating RSA private key, 1024 bit long modulus
…………………++++++
……………..++++++
unable to write ‘random state’
e is 65537 (0×10001)
Enter pass phrase for server.key:
输入pass phrase生成server.key。(以后每次重启apache2 需要此pass phrase)
2,生成CSR
sudo openssl req -new -key server.key -out server.csr
运行后需要输入一系列信息,包括“Company Name”, “Site Name”等,最后产生server.csr。
3, 生成自签名证书(self-signed certificate)
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
输入 pass phrase 后,产生server.crt
4,安装证书
sudo cp server.crt /etc/ssl/certs
sudo cp server.key /etc/ssl/private
5,配置 ssl 对应的虚拟主机 Listen 443 SSLEngine on SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key 。。。 6,重启 apache2
sudo /etc/init.d/apache2 restart
以 51kaiyuan.com为例,运行结果如下:
* Restarting web server apache2 apache/2.2.8 mod_ssl/2.2.8 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases.
Server www.51kaiyuan.com:443 (RSA) Enter pass phrase:
此处需要输入 pass phrase,输入正确后启动成功。
参考文献:https://help.ubuntu.com/7.10/server/C/httpd.html#https-configuration
作者:yaozer 原文链接:在ubuntu server8.04上设置ssl,支持https
欢迎转载, 非常感谢你能注明作者和原始出处。
I have to use the experience in to thank we for your a professional pointers We certainly have on a regular basis demonstrated possibilities yuor web blog. We’re anxious about the retailer’s graduation having to do with each of our institution seek and then the maximum foot work would not has become absolute minus getting up to your web site. Considerably more than simply may perhaps be in any assistance to whilst, I’ll be pleased for of what I have always experienced came from here.
I don’t even understand how I ended up here, however I thought this submit was once great. I don’t understand who you’re but certainly you’re going to a famous blogger should you aren’t already. Cheers!
Im no professional, but I imagine you just made a very good point point. You undoubtedly know what youre speaking about, and I can really get behind that. Thanks for being so upfront and so honest.
You are professional.
I will immediately grab your rss feed as I can’t find your email subscription link or newsletter service. Do you’ve any? Please let me know so that I could subscribe. Thanks.