Linux Apache2 集成 openssl 实现 https 加密传输

时间:2022-10-06 10:04:10

1. 下载 openssl

2. 下载 apache2

3.安装 openssl

# cd openssl
# ./config --prefix=/usr/local/openssl
# make
# make test
# make install

4 安装 apache2

# cd httpd-2.4.6#./configure --prefix=/usr/local/apache2 --enable-so --enable-modules=shared --enable-mods-shared=all \--enable-proxy --enable-proxy-connect --enable-proxy-ftp --enable-proxy-http \--enable-proxy-ajp --enable-proxy-balancer --enable-rewrite \--enable-ssl \--with-apr=/usr/local/apr \--with-apr-util=/usr/local/apr-util/ \--with-pcre=/usr/local/pcre \--with-ssl=/usr/local/openssl# make && make install

     有关 apr ,apr-util, pcre 等插件的安装,见具体博文:http://now51jq.blog.51cto.com/3474143/1317581

5. 生成授权文件和证书

# cd apache2/conf# mkdir ssl.key# cd ssl.key#openssl genrsa -des3 -out server.key 1024#openssl req -new -key server.key -out server.csr#openssl x509 -req -days 700 -in server.csr -signkey server.key -out server.crt

6.修改 httpd.conf

#Listen 80Include conf/extra/httpd-ssl.conf

7.修改 httpd-ssl.conf


SSLCertificateFile "/usr/local/apache2/conf/ssl.key/server.crt"SSLCertificateKeyFile "/usr/local/apache2/conf/ssl.key/server.key"



启动 apache2

apachectl start


可能会出现的异常:

libssl.a(s2_meth.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC

解决办法:重新编译openssl
引用

make clean./config -fPIC --prefix=/usr/local/openssl enable-shared


If you are getting the below error message, make sure to uncomment the line shown below in httpd.conf

# /usr/local/apache2/bin/apachectl startAH00526: Syntax error on line 51 of /usr/local/apache2/conf/extra/httpd-ssl.conf:Invalid command 'SSLCipherSuite', perhaps misspelled or defined by a module not included in the server configuration# vi /usr/local/apache2/conf/httpd.confLoadModule ssl_module modules/mod_ssl.so

If you are getting the below error message, make sure to uncomment the line shown below in httpd.conf

# /usr/local/apache2/bin/apachectl startAH00526: Syntax error on line 76 of /usr/local/apache2/conf/extra/httpd-ssl.conf:SSLSessionCache: 'shmcb' session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).# vi /usr/local/apache2/conf/httpd.confLoadModule socache_shmcb_module modules/mod_socache_shmcb.so


本文出自 “流浪的脚步” 博客,请务必保留此出处http://now51jq.blog.51cto.com/3474143/1329658

标签:

相关文章