安装apache
# yum -y install httpd
配置httpd.conf
1.新建一个虚拟主机,我们配置域名为apache.v5linux.com
cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf /etc/httpd/conf.d/01-v5linux.com.conf
2.修改配置文件
# vim 01-v5linux.com.conf
<VirtualHost *:80>
#ServerAdmin [email protected]
DocumentRoot "/var/www/v5linux/"
ServerName apache.v5linux.com
ServerAlias apache.v5linux.com
ErrorLog "/var/log/httpd/apache-v5linux-error_log"
CustomLog "/var/log/httpd/apache-v5linux-access_log" common
</VirtualHost>
3.重启apache
[root@centos-1gb-sfo2-01 conf.d]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@centos-1gb-sfo2-01 conf.d]# systemctl start httpd
4.创建目录
[root@centos-1gb-sfo2-01 conf.d]# cd /var/www/
[root@centos-1gb-sfo2-01 www]# mkdir v5linux
5.写入一个测试html
[root@centos-1gb-sfo2-01 v5linux]# vim index.html
[root@centos-1gb-sfo2-01 v5linux]# cat index.html
this is apache.v5linux.com
6.做下域名解析,指向apache.v5linux.com 然后等解析生效后访问
配置证书
申请证书
查看这篇文章https://awen.me/post/248023261.html
申请成功,会有提示
[Tue Jul 25 08:24:08 UTC 2017] Your cert is in /root/.acme.sh/apache.v5linux.com/apache.v5linux.com.cer
[Tue Jul 25 08:24:08 UTC 2017] Your cert key is in /root/.acme.sh/apache.v5linux.com/apache.v5linux.com.key
[Tue Jul 25 08:24:08 UTC 2017] The intermediate CA cert is in /root/.acme.sh/apache.v5linux.com/ca.cer
[Tue Jul 25 08:24:08 UTC 2017] And the full chain certs is there: /root/.acme.sh/apache.v5linux.com/fullchain.cer
将证书拷贝到/etc/httpd/ssl目录,当然您愿意放哪里都可以
[root@centos-1gb-sfo2-01 conf]# mkdir /etc/httpd/ssl
[root@centos-1gb-sfo2-01 conf]# cp -rf /root/.acme.sh/apache.v5linux.com/ /etc/httpd/ssl/
安装apache ssl模块
1.安装
yum install -y mod_ssl
2.查看
[root@centos-1gb-sfo2-01 conf.modules.d]# ls /etc/httpd/modules/ | grep "mod_ssl"
mod_ssl.so
3.其配置文件在/etc/httpd/conf.modules.d下的00-ssl.conf
[root@centos-1gb-sfo2-01 conf.modules.d]# ls
00-base.conf 00-dav.conf 00-lua.conf 00-mpm.conf 00-proxy.conf 00-ssl.conf 00-systemd.conf 01-cgi.conf
[root@centos-1gb-sfo2-01 conf.modules.d]# vim 00-ssl.conf
[root@centos-1gb-sfo2-01 conf.modules.d]# cat 00-ssl.conf
LoadModule ssl_module modules/mod_ssl.so
5.编辑etc/httpd/conf.d/ssl.conf 文件,修改如下几行
<VirtualHost _default_:443>
# General setup for the virtual host, inherited from global configuration
DocumentRoot "/var/www/v5linux" #修改为自己的web目录
ServerName apache.v5linux.com:443 # 修改为自己的域名
SSLCertificateFile /etc/pki/tls/certs/localhost.crt #修改为自己的公钥路径
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key #修改为自己的私钥路径
如图所示
然后重启httpd
systemctl restart httpd
再次访问
这种方法是http也可以访问,https也可以访问,如果说你希望访问http跳转到https,则修改/etc/httpd/conf.d/01-v5linux.com.conf端口的配置
<VirtualHost *:80>
#ServerAdmin [email protected]
DocumentRoot "/var/www/v5linux/"
ServerName apache.v5linux.com
ServerAlias apache.v5linux.com
ErrorLog "/var/log/httpd/apache-v5linux-error_log"
CustomLog "/var/log/httpd/apache-v5linux-access_log" common
#开启rewrite
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)?$ https://%{SERVER_NAME}/ [L,R]
</VirtualHost>