XAMPP 安装ssl证书

2019年4月14日 0 条评论 99 次阅读 0 人点赞

上传证书

将1_root_bundle.crt文件上传到/opt/lampp/etc目录下
将2_demo.com.crt文件上传到/opt/lampp/etc/ssl.crt目录下
将3_demo.com.key文件上传到/opt/lampp/etc/ssl.key目录下


编辑httpd-ssl.conf文件

sudo vi /opt/lampp/etc/extra/httpd-ssl.conf

修改 <VirtualHost _default_:443> 配置文件

<VirtualHost _default_:443>

#   General setup for the virtual host
DocumentRoot "/opt/lampp/htdocs"
ServerName www.demo.com:443
ServerAdmin [email protected]
ErrorLog "/opt/lampp/logs/error_log"
TransferLog "/opt/lampp/logs/access_log"

#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
#   on即为开启ssl
SSLEngine on

#   Server Certificate:
#   Point SSLCertificateFile at a PEM encoded certificate.  If
#   the certificate is encrypted, then you will be prompted for a
#   pass phrase.  Note that a kill -HUP will prompt again.  Keep
#   in mind that if you have both an RSA and a DSA certificate you
#   can configure both in parallel (to also allow the use of DSA
#   ciphers, etc.)
#   Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
#   require an ECC certificate which can also be configured in
#   parallel.
SSLCertificateFile "/opt/lampp/etc/ssl.crt/2_demo.com.crt"
#SSLCertificateFile "/opt/lampp/etc/server-dsa.crt"
#SSLCertificateFile "/opt/lampp/etc/server-ecc.crt"

#   Server Private Key:
#   If the key is not combined with the certificate, use this
#   directive to point at the key file.  Keep in mind that if
#   you've both a RSA and a DSA private key you can configure
#   both in parallel (to also allow the use of DSA ciphers, etc.)
#   ECC keys, when in use, can also be configured in parallel
SSLCertificateKeyFile "/opt/lampp/etc/ssl.key/3_demo.com.key"
#SSLCertificateKeyFile "/opt/lampp/etc/server-dsa.key"
#SSLCertificateKeyFile "/opt/lampp/etc/server-ecc.key"

#   Server Certificate Chain:
#   Point SSLCertificateChainFile at a file containing the
#   concatenation of PEM encoded CA certificates which form the
#   certificate chain for the server certificate. Alternatively
#   the referenced file can be the same as SSLCertificateFile
#   when the CA certificates are directly appended to the server
#   certificate for convenience.
SSLCertificateChainFile "/opt/lampp/etc/1_root_bundle.crt"

强制跳转到HTTPS

sudo vi /opt/lampp/etc/httpd.conf

修改配置

<Directory "/opt/lampp/htdocs">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/trunk/mod/core.html#options
    # for more information.
    #
    #Options Indexes FollowSymLinks
    # XAMPP
    Options Indexes FollowSymLinks ExecCGI Includes

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    #AllowOverride None
    # since XAMPP 1.4:
    AllowOverride All

    #
    # Controls who can get stuff from this server.
    #
    Require all granted

    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteCond %{SERVER_NAME} ^*.demo.com$
    RewriteRule ^(.*)?$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

</Directory>

重启XAMPP

sudo /opt/lampp/lampp restart

月下

我想要的,从始至终,不过一个你罢了。

文章评论(0)

你必须 登录 才能发表评论