{"id":1089,"date":"2021-08-01T07:21:01","date_gmt":"2021-07-31T23:21:01","guid":{"rendered":"https:\/\/www.dxQerp.cn\/?p=1089"},"modified":"2021-09-06T07:05:11","modified_gmt":"2021-09-05T23:05:11","slug":"how-to-create-and-install-self-signed-certificate-in-apache","status":"publish","type":"post","link":"http:\/\/www.dxQerp.cn\/?p=1089","title":{"rendered":"Apache \u5982\u4f55\u5b89\u88dd\u8207\u8a2d\u5b9a CA"},"content":{"rendered":"\r\n<p>SSL \u662f \u7528\u65bc <strong>\u7528\u6236<\/strong> \u548c\u00a0<strong> Web \u670d\u52d9\u5668<\/strong> \u4e4b\u9593<strong>\u7db2\u8def\u5c01\u5305<\/strong>\u806f\u7e6b\u7684<strong>\u52a0\u5bc6\u7684\u6280\u8853<\/strong>\u3002<\/p>\r\n<p><strong>CA \u8b49\u66f8<\/strong>\u662f \u5c0d<strong> \u7db2\u8def\u5c01\u5305 <\/strong>\u9032\u884c<strong>\u52a0\u5bc6<\/strong>\u7684<strong>\u6191\u8b49<\/strong>\uff0c\u56e0\u6b64\u53ef\u4ee5 \u6e1b\u5c11 \u99ed\u5ba2 \u7acaf\u53d6\u8cc7\u8a0a\u7684\u6a5f\u6703\u3002<br \/>\u81ea\u5df1 \u767c\u884c\u7684 <strong>CA\u8b49\u66f8<\/strong> \u53ef\u4ee5\u4f7f\u7528\uff0c\u4f46\u7121\u6cd5\u4f7f\u7528\u5728 <strong>\u4fe1\u7528\u5361<\/strong> \u6216\u662f <strong>PayPal<\/strong>\u00a0 \u7b49\u91d1\u878d\u74b0\u5883\u4e2d\u3002<\/p>\r\n\r\n\r\n\r\n<h4><span style=\"color: #000000;\">Step 1 \u2013 Install mod_ssl Package<\/span><\/h4>\r\n\r\n\r\n\r\n<p>\u70ba\u4e86\u8a2d\u7f6e CA \u8b49\u66f8\uff0c\u8acb\u78ba\u4fdd\u60a8\u7684\u7cfb\u7d71\u4e0a\u5b89\u88dd\u4e86 mod_ssl\u3002 \u5982\u679c\u5c1a\u672a\u5b89\u88dd\uff0c\u8acb\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u9032\u884c\u5b89\u88dd\u3002 \u5b89\u88dd\u4ee5\u5275\u5efaCA\u8b49\u66f8\u3002<\/p>\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code><span style=\"color: #800000;\">dnf install mod_ssl openssl<\/span><\/code><\/pre>\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<h4>Step 2 \u2013 \u5efa\u7acb\u5c6c\u65bc\u81ea\u5df2\u767c\u884c\u7684 \u8a8d\u8b49\u4e2d\u5fc3<\/h4>\r\n\r\n\r\n\r\n<p>\u5b89\u88dd mod_ssl \u548c openSSL \u5f8c\uff0c\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u70ba\u81ea\u5df1\u7684 <strong>\u57df<\/strong>\u540d \u5275\u5efa\u81ea\u7c3d\u540d\u8b49\u66f8\u3002(\u6216\u662f\u67e5\u770b)<\/p>\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code><span style=\"color: #800000;\">mkdir -p \/etc\/pki\/tls\/certs<\/span>  # \u5efa\u7acb \u76ee\u9304\r\n<span style=\"color: #800000;\">cd \/etc\/pki\/tls\/certs<\/span>        # \u8f49\u9032 \u8def\u5f91 (\u7576\u524d\u76ee\u9304)<\/code><\/pre>\r\n\r\n\r\n\r\n<p><strong>\u5efa\u7acb \u65b0\u7684\u00a0 CA \u8b49\u66f8<\/strong><\/p>\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code><span style=\"color: #800000;\"> openssl req -x509 -nodes -newkey rsa:2048 -keyout <strong>first.com.key<\/strong> -out <strong>first.com.crt<\/strong><\/span>\r\n openssl req -x509 -nodes -newkey rsa:2048 -days 1825 -keyout <strong>first.com.key<\/strong> -out <strong>first.com.crt<\/strong> <\/code><\/pre>\r\n\r\n\r\n\r\n<p>\u4e0a\u8ff0\u547d\u4ee4\u5c07\u5728<strong>\u7576\u524d\u76ee\u9304<\/strong>\u4e2d\u5275\u5efa\u4e00\u500b ssl \u5bc6\u9470\u6587\u4ef6 <span style=\"color: #800000;\"><strong>first<\/strong><\/span><strong><span style=\"color: #800000;\">.com.key<\/span><\/strong> \u548c\u4e00\u500b\u8b49\u66f8\u6587\u4ef6 <span style=\"color: #800000;\"><strong>first.com.crt <\/strong><\/span><\/p>\r\n\r\n\r\n\r\n<h4>Step 3 \u2013 \u5728 Apache \u914d\u7f6e SSL \u865b\u64ec\u4e3b\u6a5f port 443<\/h4>\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code><span style=\"color: #800000;\">vi \/etc\/httpd\/conf.d\/BBB_SSL.conf <\/span>     # \u5efa\u7acb <strong>SSL \u865b\u64ec\u4e3b\u6a5f<\/strong> \u74b0\u5883\u8a2d\u5b9a \u6a94<\/code><\/pre>\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code>&lt;VirtualHost *:443&gt;\r\n   ServerAdmin admin@first.com\r\n   DocumentRoot \/var\/www\/first.com\r\n   ServerName www.first.com\r\n   ServerAlias www.first.com\r\n   &lt;Directory \/var\/www\/first.com&gt;\r\n      #Allowoverride all Uncomment if required\r\n   &lt;\/Directory&gt;\r\n   SSLEngine on # \u5c07\u6b64\u8a2d\u7f6e\u70ba\u201c\u958b\u201d\r\n   SSLCertificateFile \/etc\/pki\/tls\/certs\/first.com.crt # \u8a2d\u7f6e SSL \u8b49\u66f8\u7684\u4f4d\u7f6e\r\n   SSLCertificateKeyFile \/etc\/pki\/tls\/certs\/first.com.key # \u8a2d\u7f6e SSL \u79c1\u9470\u8b49\u66f8\u7684\u4f4d\u7f6e\r\n   ErrorLog  logs\/first.com_ssl-error.log\r\n   CustomLog logs\/first.com_ssl-access.log combined\r\n&lt;\/VirtualHost&gt;<\/code><\/pre>\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<h4 class=\"heading1\">Step 4 \u2013 \u91cd\u555f Apache<\/h4>\r\n\r\n\r\n\r\n<pre class=\"wp-block-code\"><code><span style=\"color: #800000;\">systemctl restart httpd<\/span><\/code><\/pre>\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<h4>Step 5 \u2013 \u4f7f\u7528 HTTPS \u6e2c\u8a66\u7db2\u7ad9<\/h4>\r\n\r\n\r\n\r\n<p>\u6700\u5f8c\uff0c\u4f7f\u7528 <strong>https<\/strong> \u5728\u60a8\u559c\u6b61\u7684 <strong>Web \u700f\u89bd\u5668<\/strong>\u4e2d\u6253\u958b\u60a8\u7684\u7ad9\u9ede\u3002<\/p>\r\n\r\n\r\n\r\n<p>\u5b83\u9700\u8981\u6253\u958b<strong>\u7aef\u53e3 443<\/strong> \u624d\u80fd\u4f7f\u7528 https \u8a2a\u554f\u7ad9\u9ede.<\/p>\r\n\r\n\r\n\r\n<p>\u7531\u65bc\u6211\u5011\u4f7f\u7528\u7684\u662f\u81ea\u5df1\u767c\u884c\u7684CA\u8b49\u66f8\uff0c\u60a8\u5c07\u5728\u700f\u89bd\u5668\u4e2d\u6536\u5230\u4e00\u689d<strong>\u8b66\u544a\u6d88\u606f<\/strong>\u3002 \u60a8\u53ef\u4ee5<strong>\u7c21\u55ae\u5730\u5ffd\u7565<\/strong>\u6b64\u6d88\u606f.<\/p>\r\n\r\n\r\n\r\n<h3><strong>THE END<\/strong><\/h3>\r\n\r\n\r\n\r\n<p><strong>\u53c3\u8003<\/strong><\/p>\r\n\r\n\r\n\r\n<p><a href=\"https:\/\/tecadmin.net\/create-and-install-self-signed-certificate-in-apache\/\">How to Create and Install Self Signed Certificate in Apache<\/a><\/p>\r\n","protected":false},"excerpt":{"rendered":"<p>SSL \u662f \u7528\u65bc \u7528\u6236 \u548c\u00a0 Web \u670d\u52d9\u5668 \u4e4b\u9593\u7db2\u8def\u5c01\u5305\u806f\u7e6b\u7684\u52a0\u5bc6\u7684\u6280\u8853\u3002 CA \u8b49\u66f8\u662f \u5c0d \u7db2\u8def\u5c01\u5305 \u9032\u884c [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1178,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[37],"tags":[],"jetpack_featured_media_url":"http:\/\/www.dxQerp.cn\/wp-content\/uploads\/2021\/08\/HTTP-SERVER-TEST-PAGE-SSL.png","_links":{"self":[{"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=\/wp\/v2\/posts\/1089"}],"collection":[{"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1089"}],"version-history":[{"count":29,"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=\/wp\/v2\/posts\/1089\/revisions"}],"predecessor-version":[{"id":1504,"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=\/wp\/v2\/posts\/1089\/revisions\/1504"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=\/wp\/v2\/media\/1178"}],"wp:attachment":[{"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1089"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1089"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.dxQerp.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}