|
Apacheソスヘ撰ソスソスEソスナ最ゑソスソスソスソスソスソスソスソスpソスソスソスソストゑソスソスソスWebソスTソス[ソスoソスナゑソスソスBWindowsソスソスナゑソスLinuxソスfソスBソスXソスgソスソスソスrソスソスソス[ソスVソスソスソスソスソスソスナゑソスソスソスソスしソスワゑソスソスBソスソスソスソスソスナはセソスLソスソスソスAソスソスWebソスTソス[ソスoソスフ構ソスzソスフ為ゑソスApacheソスソスSSLソス@ソス\ソスtソスソスソスソスソスソスソスソス@ソスソスソスソスソスソスソスソストゑソスソスワゑソスソスBソスCソスソスソスXソスgソス[ソスソスソスヘ、
OS:FedoraCore5
Apache:ソスoソス[ソスWソスソスソスソス2.2.3
ソスナ行ソスソスソストゑソスソスワゑソスソスB
Apacheソスソスソス_ソスEソスソスソスソスソス[ソスhソスソスソスワゑソスソスB(ソス_ソスEソスソスソスソスソス[ソスhソスソスソスソスソス@ソス[ソスWソスソスソスソス2.2.3)
ソス_ソスEソスソスソスソスソス[ソスhソスソスソスソスソスtソス@ソスCソスソスソスソスソス凍ゑソスソスワゑソス
| # tar zxvf httpd-2.2.3.tar.gz
|
configureソスソスソスソスソスsソスソスソスソスMakefileソスソスソス成ソスソスソスワゑソス
| # ./configure --enable-so --enable-ssl
|
ソスRソスソスソスpソスCソスソスソスAソスCソスソスソスXソスgソス[ソスソスソスソスソスsソスソスソスワゑソス
SSLソスソスソスソスソスすソスソス謔、ソスノゑソスソスソスノは、Apacheソスフ設抵ソスtソス@ソスCソスソス(httpd.conf)ソスソスメ集ソスソスソスワゑソスソスBソスGソスfソスBソス^ソスソスhttpd.confソスソスソスJソスソスソスワゑソスソスB
| # vi /usr/local/apache2/conf/httpd.conf
|
SSLソスン抵ソスYソスソスソスモ擾ソスソスフコソスソスソスソスソスgソスAソスEソスgソスソスソスOソスソスソスワゑソス
ソスyソスマ更ソスOソスz
ソス@# Include conf/extra/httpd-ssl.conf
ソスyソスマ更ソスソスz
ソス@Include conf/extra/httpd-ssl.conf
|
ソス髢ァソスソスソスAソスソスソスネ証厄ソスソスソスソスソスソスロ托ソスソスソスソスソスソスfソスBソスソスソスNソスgソスソスソスノ移難ソスソスソスソスワゑソスソスB(ソスロ托ソスソスソスソスソスソスfソスBソスソスソスNソスgソスソスソスヘ、/usr/local/apache2/conf/extra/httpd-ssl.confソスソスSSLCertificateFile,SSLCertificateKeyFileソスノ指ソス閧ウソスソストゑソスソスワゑソス)
| # cd /usr/local/apache2/conf/
|
opensslソスRソス}ソスソスソスhソスナ秘密ソスソスソスソスソス成ソスソスソスワゑソス
# openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus
.............++++++
.............++++++
e is 65537 (0x10001)
Enter pass phrase for server.key:ソスソスソスpソスXソスソスソス[ソスhソスソスソスソスヘゑソスソスソスEnter
Verifying - Enter pass phrase for server.key:ソスソスソスソスニ難ソスソスソスソスpソスXソスソスソス[ソスhソスソスソスソスヘゑソスソスソスEnter
|
opensslソスRソス}ソスソスソスhソスナ趣ソスソスネ証厄ソスソスソスソスソスソス成ソスソスソスワゑソス
# openssl req -new -x509 -days 365 -key server.key -out server.crt
Country Name (2 letter code) [GB]:ソスソスソスソスソスソスソスソスソスソスヘゑソスソスソスEnter
State or Province Name (full name) [Berkshire]:ソスソスソスsソスソスソス{ソスソスソスソスソスソスヘゑソスソスソスEnter
Locality Name (eg, city) [Newbury]:ソスソスソスsソス謦ャソスソスソスソスソスソスヘゑソスソスソスEnter
Organization Name (eg, company) [My Company Ltd]:ソスソスソスソスミ厄ソスソスソスソスソスヘゑソスソスソスEnter
Organizational Unit Name (eg, section) []:ソスソスソスソスソスソスソスソスソスソスヘゑソスソスソスEnter
Common Name (eg, your name or your server's hostname) []:ソスソスソスTソス[ソスoソスソスソスソスソスソスヘゑソスソスソスEnter
Email Address []:ソスソスソスヌ暦ソスソスメソスソス[ソスソスソスAソスhソスソスソスXソスソスソスソスヘゑソスソスソスEnter
|
ソスNソスソスソスXソスNソスソスソスvソスgソスソス/etc/init.dソスヨコソスsソス[ソスソスソスワゑソス
| # cp /usr/local/apache2/bin/apachectl /etc/init.d/httpd2
|
ApacheソスソスソスNソスソスソスソスソスワゑソス
# /etc/init.d/httpd2 start
Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server www.example.com:443 (RSA)
Enter pass phrase:ソスソスソスソスソスソス成ソスソスソスソスソス髢ァソスソスソスフパソスXソスソスソス[ソスhソスソスソスソスヘゑソスソスソスEnter
OK: Pass Phrase Dialog successful.
|
netstatソスRソス}ソスソスソスhソスソスhttpsソスソスソスNソスソスソスソスソストゑソスソス驍ゥソスソスソスmソスF
# netstat -l | grep https
tcp 0 0 *:https *:* LISTENソスソスソスソスソスソスソスソスソスNソスソスソスソスソストゑソスソスソス謔、ソスナゑソス
|
|
