最简单的办法创建apache (httpd) https 单向认证证书
2023-09-11 14:21:18 时间
1. 在linux系统中,创建名为localhost.cnf 的文件,文件内容如下
[dn]
CN=localhost
[req]
distinguished_name = dn
[EXT]
subjectAltName=DNS:localhost
keyUsage=digitalSignature
extendedKeyUsage=serverAuth
2. 执行如下命令
openssl req -x509 -out localhost.crt -keyout localhost.key -newkey rsa:2048 -nodes -sha256 -subj '/CN=localhost' -extensions EXT -config localhost.cnf
3. 将localhost.crt和localhost.key拷贝到conf.d目录
修改在apache的配置文件目录conf.d 下修改ssl.conf,
LoadModule ssl_module modules/mod_ssl.so
Listen 443
<VirtualHost _default_:443>
DocumentRoot "/data/htdocs" #修改为自己的网站目录
Servername localhost
LogLevel warn
SSLEngine on
SSLCertificateFile "conf.d/localhost.crt"
SSLCertificateKeyFile "conf.d/localhost.key"
</VirtualHost>