Apache HTTP Server 的安装与配置

一、概要

1. 环境

(1) Rocky Linux 9.3

二、安装与配置

1. 安装

(1) 安装

sudo dnf install httpd -y

(2) 服务

sudo systemctl start httpd
sudo systemctl enable httpd
systemctl status httpd

(3) 防火墙

sudo firewall-cmd --add-service={http,https} --permanent
sudo firewall-cmd --reload

2. SSL

(1) 安装SSL模块

sudo dnf install mod_ssl -y

安装完成之后会在/etc/httpd/conf.d目录下出现一个文件ssl.conf。

(2) 为域名设置SSL/TLS

假设我们需要为www.example.com设置SSL/TLS:

a. 创建证书目录

sudo mkdir /etc/httpd/certs

b. 准备证书

OpenSSL 系列2 — 应用

i. CA证书；

ii. 域名证书；

iii. 域名证书密钥；

c. 创建配置文件

sudo vi /etc/httpd/certs/www.example.com.conf

d. 初始化配置文件：

<VirtualHost *:443>ServerName ldapadmin.example.comSSLEngine onSSLVerifyClient optionalSSLVerifyDepth 1SSLCACertificateFile "/etc/httpd/certs/cacert.pem"SSLCertificateFile "/etc/httpd/certs/www.example.com.cert.pem"SSLCertificateKeyFile "/etc/httpd/certs/key.pem"
</VirtualHost>

e. 重启服务

sudo systemctl restart httpd
systemctl status httpd

3. 强制HTTPS访问

(1) 编辑配置文件

sudo vi /etc/httpd/certs/www.example.com.conf

(2) 新增配置:

<VirtualHost *:80>ServerName www.example.comRewriteEngine onRewriteCond %{SERVER\_PORT} !^443$RewriteRule ^/?(.\*)$ https://%{SERVER\_NAME}/$1 \[L,R\]<Directory "${INSTALL\_DIR}/htocs"\>Options +Indexes +Includes +FollowSymLinks +MultiViewsAllowOverride AllRequire all granted</Directory>
</VirtualHost>

4. 测试配置

apachectl configtest

三、引用

1. 官方

https://httpd.apache.org/

https://httpd.apache.org/docs/2.4/en/ssl/ssl_howto.html

转至：https://www.cnblogs.com/eagle6688/p/17891481.html