Linux Apache2 集成 openssl 实现 https 加密传输
1. 下载 openssl2. 下载 apache2
3.安装 openssl
# cd openssl
# ./config --prefix=/usr/local/openssl
# make
# make test
# make install 4 安装 apache2
# cd httpd-2.4.6
#./configure --prefix=/usr/local/apache2 --enable-so --enable-modules=shared --enable-mods-shared=all \
--enable-proxy --enable-proxy-connect --enable-proxy-ftp --enable-proxy-http \
--enable-proxy-ajp --enable-proxy-balancer --enable-rewrite \
--enable-ssl \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/ \
--with-pcre=/usr/local/pcre \
--with-ssl=/usr/local/openssl
# make && make install 有关 apr ,apr-util, pcre 等插件的安装,见具体博文:http://now51jq.blog.51cto.com/3474143/1317581
5. 生成授权文件和证书
# cd apache2/conf
# mkdir ssl.key
# cd ssl.key
#openssl genrsa -des3 -out server.key 1024
#openssl req -new -key server.key -out server.csr
#openssl x509 -req -days 700 -in server.csr -signkey server.key -out server.crt 6.修改 httpd.conf
#Listen 80
Include conf/extra/httpd-ssl.conf 7.修改 httpd-ssl.conf
SSLCertificateFile "/usr/local/apache2/conf/ssl.key/server.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/ssl.key/server.key"
启动 apache2
apachectl start
可能会出现的异常:
libssl.a(s2_meth.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC 解决办法:重新编译openssl
引用
make clean
./config -fPIC --prefix=/usr/local/openssl enable-shared
If you are getting the below error message, make sure to uncomment the line shown below in httpd.conf
# /usr/local/apache2/bin/apachectl start
AH00526: Syntax error on line 51 of /usr/local/apache2/conf/extra/httpd-ssl.conf:
Invalid command 'SSLCipherSuite', perhaps misspelled or defined by a module not included in the server configuration
# vi /usr/local/apache2/conf/httpd.conf
LoadModule ssl_module modules/mod_ssl.soIf you are getting the below error message, make sure to uncomment the line shown below in httpd.conf
# /usr/local/apache2/bin/apachectl start
AH00526: Syntax error on line 76 of /usr/local/apache2/conf/extra/httpd-ssl.conf:
SSLSessionCache: 'shmcb' session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).
# vi /usr/local/apache2/conf/httpd.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
页:
[1]