ssl加密
yum install mod_ssl -y 他是一個子產品
yum install crypto-utils -y 加密
genkey www.westos.com
vim /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/www.westos.com.key
強制轉換為https
mkdir -p /var/www/westos.com/login/html
vim /var/www/westos.com/login/html/index.html
vim /etc/httpd/conf.d/login.conf
<VirtualHost *:443>
SSLEngine on
ServerName login.westos.com
DocumentRoot /var/www/westos.com/login/html/
CustomLog logs/login.log combined
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</VirtualHost>
<Directory "/var/www/westos.com/login/html/">
Require all granted
</Directory>
<VirtualHost *:80>
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
重新開機阿帕琪
其中
^(/.*)$ 客戶在浏覽器位址欄中輸入的所有字元
https:// 強制客戶加密通路
%{HTTP_HOST} 客戶請求主機
$1 表示^(/.*)$的值
[redirect=301] 永久 302是臨時
測試端必須要修改 /etc/hosts 172.25.254.113 *.westos.com
對于
[redirect=301] 永久
cat /etc/httpd/logs/login.log 狀态304 是永久
302是臨時 狀态變為200