二、加密配置
在ssl.conf文件中有这么两句,指出了证书和私钥的存放路径
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
三、证书生成
[root@localhost conf.d]# cd /etc/pki/tls/certs
[root@localhost certs]# ls
ca-bundle.crt ca-bundle.trust.crt localhost.crt make-dummy-cert Makefile
先删除原有的localhost.crt证书文件,再有make命令生成一个测试用的证书文件
[root@localhost certs]# rm -rf localhost.crt
[root@localhost certs]# make testcert
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key /etc/pki/tls/private/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt -set_serial 0
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:CN
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:Beijing
Organization Name (eg, company) [Default Company Ltd]:Tianli
Organizational Unit Name (eg, section) []:RedHat
Common Name (eg, your name or your server's hostname) []:test1.demo.com
Email Address []:
[root@localhost certs]#
RHEL6.3下配置简单Apache https(2)
内容版权声明:除非注明,否则皆为本站原创文章。
转载注明出处:http://www.heiqu.com/a1a4c034c15886ff9e75962315ae2f68.html