编辑]#vim /etc/httpd/conf.d/vhost1.conf文件
文件内容:
<VirtualHost 192.168.5.102:80>
serverName www1.magedu.com
DocumentRoot /data/vhost/www1
CustomLog logs/www1-access_log combined
ErrorLog logs/error_log
Options None
AllowOverride None
Order allow,deny
Allow from all
编辑主配置文件/etc/httpd/conf/httpd.conf
找到status
SetHandler server-status
Order deny,allow
Deny from all
Allow from tom
编辑主配置文佳
NameVirtualHost 192.168.5.102:80(去掉注释)
www2
编辑]#vim /etc/httpd/conf.d/vhost2.conf文件
<VirtualHost 192.168.5.102:80>
serverName www2.magedu.com
DocumentRoot /data/vhost/www2
CustomLog logs/www1-access_log combined
ErrorLog logs/error_log
Options None
AllowOverride None
Order allow,deny
deny from 192.168
去掉注释NameVirtualHost 192.168.5.102:80
创建CA
在192.168.5.102主机创建CA
bs ~]# cd /etc/pki/CA/
]# (umask 066; openssl genrsa -out private/cakey.pem2048 (生成私钥)
CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem(生成自签名证书)
#touch /etc/pki/CA/index.txt
# echo 01 > /etc/pki/CA/serial
在服务端安装模块
# yum -y install mod_ssl
CA]# cd /etc/httpd/conf
tpd]# mkdir /etc/httpd/ssl
umask 066; openssl genrsa -out httpd.key 2048)(创建私钥)
openssl req -new -keyhttpd.key -days 365 -out /etc/httpd/ssl/httpd.csr (创建申请证书)
scp httpd.csr 192.168.5.103:/testdir
# openssl ca -in /testdir/httpd.csr-out /etc/pki/CA/httpd.crt -days 365(给httpd.csr签名)
scp /CA/httpd.crt 192.168.5.102:/etc/httpd/ssl
重启服务
http-2.4
www1
# vim /etc/httpd/conf.d/vhost1.conf(编辑文件)
ServerName www1.magedu.com
DocumentRoot /data/vhost/www1
CustomLog logs/www1-access_log combined
ErrorLog logs/error_log
# Options None
AllowOverride None
Require all granted
编辑主配置文件
SetHandlerserver-status
Orderallow,deny
Allow from tom
www2
# vim /etc/httpd/conf.d/vhost2.conf(编辑文件)
ServerName www2.magedu.com
DocumentRoot /data/vhost/www2
CustomLog logs/www1-access_log combined
ErrorLog logs/error_log
# Options None
AllowOverride None
Require not ip 192.168
编辑主配置文件
SetHandlerserver-status
Orderallow,deny
Allow from tom
创建CA
在192.168.5.103主机创建CA
bs ~]# cd /etc/pki/CA/
]# (umask 066; openssl genrsa -out private/cakey.pem2048 (生成私钥)
CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem(生成自签名证书)
#touch /etc/pki/CA/index.txt
# echo 01 > /etc/pki/CA/serial
在服务端安装模块
# yum -y install mod_ssl
CA]# cd /etc/httpd/conf
tpd]# mkdir /etc/httpd/ssl
umask 066; openssl genrsa -out httpd.key 2048)(创建私钥)
openssl req -new -keyhttpd.key -days 365 -out /etc/httpd/ssl/httpd.csr (创建申请证书)
scp httpd.csr 192.168.5.102:/testdir
# openssl ca -in /testdir/httpd.csr-out /etc/pki/CA/httpd.crt -days 365(给httpd.csr签名)
scp /CA/httpd.crt 192.168.5.103:/etc/httpd/ssl
重启服务