上传证书
将 1_root_bundle.crt 文件上传到 /opt/lampp/etc 目录下
将 2_demo.com.crt 文件上传到 /opt/lampp/etc/ssl.crt 目录下
将 3_demo.com.key 文件上传到 /opt/lampp/etc/ssl.key 目录下
编辑 httpd-ssl.conf 文件
sudo vi /opt/lampp/etc/extra/httpd-ssl.conf
修改 <VirtualHost _default_:443> 配置文件
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/opt/lampp/htdocs"
ServerName www.demo.com:443
ServerAdmin example@example.com
ErrorLog "/opt/lampp/logs/error_log"
TransferLog "/opt/lampp/logs/access_log"
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
# on 即为开启 ssl
SSLEngine on
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
# require an ECC certificate which can also be configured in
# parallel.
SSLCertificateFile "/opt/lampp/etc/ssl.crt/2_demo.com.crt"
#SSLCertificateFile "/opt/lampp/etc/server-dsa.crt"
#SSLCertificateFile "/opt/lampp/etc/server-ecc.crt"
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
# ECC keys, when in use, can also be configured in parallel
SSLCertificateKeyFile "/opt/lampp/etc/ssl.key/3_demo.com.key"
#SSLCertificateKeyFile "/opt/lampp/etc/server-dsa.key"
#SSLCertificateKeyFile "/opt/lampp/etc/server-ecc.key"
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convenience.
SSLCertificateChainFile "/opt/lampp/etc/1_root_bundle.crt"
强制跳转到 HTTPS
sudo vi /opt/lampp/etc/httpd.conf
修改配置
<Directory "/opt/lampp/htdocs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/trunk/mod/core.html#options
# for more information.
#
#Options Indexes FollowSymLinks
# XAMPP
Options Indexes FollowSymLinks ExecCGI Includes
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
#AllowOverride None
# since XAMPP 1.4:
AllowOverride All
#
# Controls who can get stuff from this server.
#
Require all granted
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{SERVER_NAME} ^*.demo.com$
RewriteRule ^(.*)?$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
</Directory>
重启 XAMPP
sudo /opt/lampp/lampp restart
正文完