-
为第4题中的第2个虚拟主机提供https服务,使得用户可以通过https安全的访问此web站点;
-
(1)要求使用证书认证,证书中要求使用的国家(CN)、州(HA)、城市(ZZ)和组织(MageEdu);
-
(2)设置部门为Ops,主机名为www2.stuX.com,邮件为admin@stuX.com; [
root@centos CA]# touch index.txt serial [root@centos CA]# echo 01 > serial [root@centos CA]# (umask 077;openssl genrsa -out ./private/cakey.pem 1024) Generating RSA private key, 1024 bit long modulus .......................................................++++++ .......++++++ e is 65537 (0x10001) [root@centos CA]# openssl req -new -x509 -key ./private/cakey.pem -out ./cacert.pem [root@centos CA]# cd /usr/local/apache/ [root@centos apache]# mkdir ssl [root@centos apache]# (umask 077;openssl genrsa -out ./ssl/http.key 1024) [root@centos CA]# cd /usr/local/apache/ [root@centos apache]# mkdir ssl [root@centos apache]# (umask 077;openssl genrsa -out ./ssl/http.key 1024) Generating RSA private key, 1024 bit long modulus ..................................++++++ .......................................++++++ e is 65537 (0x10001) [root@centos apache]# openssl req -new -key ./ssl/http.key -out ./ssl/http.crst -days 3600[root@centos apache]# openssl ca -in ./ssl/http.crst -out ./ssl/http.crt -days 3600[root@centos ~]# cd /usr/local/apache/ssl/ [root@centos ssl]# ls http.crst http.crt http.key 之后修改/etc/httpd24/httpd.conf LoadModule ssl_module modules/mod_ssl.so Include /etc/httpd24/extra/httpd-ssl.conf 然后编辑/etc/httpd24/extra/httpd-ssl.conf如下 <VirtualHost _default_:443> DocumentRoot "/web/vhost/www2/" ServerName www2.stuX.com ErrorLog "/var/log/httpd/www2.err" CustomLog "/var/log/httpd/www2.access" common <Directory "/web/vhost/www2/"> AllowOverride None Options None Require all granted </Directory> SSLCertificateFile "/usr/local/apache/ssl/http.crt"SSLCertificateKeyFile "/usr/local/apache/ssl/http.key"</VirtualHost>
6、在LAMP架构中,请分别以php编译成httpd模块形式
yum groupinstall "Development Tools" "Server Platform Development"------>安装包组1、编译安装Apachehttpd-2.4.9需要较新版本的apr和apr-util,因此需要事先对其进行升级 (1)、编译安装apr tar xf apr-1.5.0.tar.bz2 cd apr-1.5.0 ./configure --prefix=/usr/local/apr make && make install (2)、编译安装apr-util tar xf apr-util-1.5.3.tar.bz2 cd apr-util-1.5.3./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr make && make install (3)、编译安装httpd groupadd -r apache useradd -r -g apache apahce yum -y install pcre-devel ---->安装pcre-devel支持 tar xf httpd-2.4.9.tar.bz2 cd httpd-2.4.9./configure --prefix=/usr/local/apache --sysconf=/etc/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/ --enable-modules=most --enable-mpms-shared=all --with-mpm=event 编译的时候报这个错误------------------------------------------------------------------------------------------------------------ checking whether to enable mod_ssl… configure: error: mod_ssl has been requested but can not be built due to prerequisite failures yum install openssl-devel----->解决 make && make install3、修改httpd的主配置文件,设置其Pid文件的路径 编辑vim /etc/httpd24/httpd.conf,添加如下行即可:PidFile "/var/run/httpd/httpd24.pid"提供httpd 运行脚本 cd /etc/rc.d/init.d/ cp httpd httpd24 vim httpd24 apachectl=/usr/local/apache/bin/apachectl ---------------->改的 httpd=${HTTPD-/usr/local/apache/bin/httpd} pidfile=${PIDFILE-/var/run/httpd/httpd24.pid} lockfile=${LOCKFILE-/var/lock/subsys/httpd24} chkconfig --add httpd24 chkconfig --list httpd24 httpd24 0:关闭 1:关闭 2:关闭 3:关闭 4:关闭 5:关闭 6:关闭 httpd -t ------------>检查语法 hash -r --------------->清除缓存 vim /etc/profile.d/httpd.sh export PATH=/usr/local/apache/bin$PATH-------------->定义PATH读取 . /etc/profile.d/httpd.sh ------------->重读配置文件 service httpd24 start ss -tnl ---------------->查看80端口是否被监听到 ps aux | grep httpd----->查看工作模式 vim /etc/httpd24/httpd.conf ----------->配置文件 LoadModule deflate_module modules/mod_deflate.so----------->启用 2、编译安装mariadb tar xf mariadb-5.5.36-linux-x86_64.tar.gz -C /usr/local --------------------------------------------------------------- 准备数据目录 mkdir -pv /mydata/data------>创建数据存放目录 ----------------------------------------------------------------- 配置mariadb-----> ---------------------------------------------------------------- groupadd -r -g 306 mysql useradd -r -g 306 -u 306 mysql cd /usr/local/ ln -sv mariadb-5.5.36-linux-x86_64 mysql cd /usr/local/mysql chown -R root:mysql ./* scripts/mysql_install_db --datadir=/mydata/data --user=mysql cp supper-files/mysql.server /etc/rc.d/init.d/mysqld chkconfig --add mysqld --->添加 chkconfig --list mysqld --->查看 mkdir /etc/mysql cp support-files/my-large.cnf /etc/mysql/my.cnf 添加三个选项: datadir = /mydata/data innodb_file_per_table = on skip_name_resolve = on service mysqld start /usr/local/mysql/bin/mysql_secure_installation------------>安全初始化 mysql优化 编辑/etc/man.config,添加如下行即可:MANPATH /usr/local/mysql/man7、输出mysql的头文件至系统头文件路径/usr/include: 这可以通过简单的创建链接实现: ln -sv /usr/local/mysql/include /usr/include/mysql8、输出mysql的库文件给系统库查找路径: echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf 而后让系统重新载入系统库: ldconfig9、修改PATH环境变量,让系统可以直接使用mysql的相关命令。 vim /etc/profile.d/mysql.sh export PATH=/usr/local/mysql/bin:$PATH. /etc/profile.d/mysql.sh --------------------------------------------------------------- 安装php 解决依赖关系 yum -y groupinstall "Desktop Platform Development" yum -y install bzip2-devel libmcrypt-devel libxml2-devel --------------------------------------------------------------2、编译安装php-5.4.0tar xf php-5.4.0.tar.bz2 cd php-5.4.0./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql --with-openssl --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-apxs2=/usr/local/apache/bin/apxs --with-mcrypt --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-maintainer-zts make make test make intall -------------------------------------------------------------------------------------------------------------------------------------- 为php提供配置文件: cp php.ini-production /etc/php.ini --------------------------------------------------------------------------------------------------------------- 3、 编辑apache配置文件httpd.conf,以apache支持php # vim /etc/httpd/httpd.conf 1、添加如下二行 AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps 2、定位至DirectoryIndex index.html 修改为: DirectoryIndex index.php index.html --------------------------------------------------------------- 而后重新启动httpd,或让其重新载入配置文件即可测试php是否已经可以正常使用 如果不能正常使用 vim /etc/rc.d/init.d/httpd24 pidfile=${PIDFILE-/usr/local/apache/logs/httpd.pid}-------->修改 测试页面index.php示例如下: <?php $link = mysql_connect('127.0.0.1','root','mageedu'); if ($link) echo "Success..."; else echo "Failure..."; phpinfo(); mysql_close(); ?>
原创文章,作者:N21_ Dominic,如若转载,请注明出处:http://www.178linux.com/49001
评论列表(1条)
总结的很好,