风云资源站

Apache安装SSL证书

  1. 创建私钥(可选,用于申请证书):
openssl genrsa 2048 > private-key.pem
  1. 创建证书签名 (CSR,可选):
openssl req -new -key private-key.pem -out csr.pem
  1. 上传到服务器:
scp ./STAR_yourdomain_com/* yourdomain:/etc/pki/tls/private/
  1. 合并正规渠道获得的证书:
cat STAR_yourdomain_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt
  1. 配置Apache(不再累述详细配置过程):
<VirtualHost *:443>
  ServerName *.yourdomain.com
  SSLEngine on

  SSLCertificateFile /etc/pki/tls/private/STAR_yourdomain_com.crt
  SSLCertificateKeyFile /etc/pki/tls/private/STAR_yourdomain_com.key
  SSLCertificateChainFile /etc/pki/tls/private/ssl-bundle.crt
  SSLCACertificateFile /etc/pki/tls/private/AddTrustExternalCARoot.crt
</VirtualHost>

我要评论