RHEL AS5 LAMP + SSL安装与配置
时间:2009-03-23 来源:sjhf
|
RHEL AS5 LAMP + SSL安装于配置
2008年9月5日
14:29
1 、环境
2、安装需要的软件,并测试。这里我用的都是rpm包安装的。
rpm -ivh subversion-1.4.2-2.el5
rpm -ivh mod_dav_svn-1.4.2-2.el5.i386.rpm
在apache的主目录下新建一个index.php,来测试apache、php、mysql又没有安装好。其内容如下:
<?
phpinfo();
?>
保存退出,这时就可以在浏览器上打开php测试页了
3、初始化repository.
4、配置apache的配置文件
Vi /etc/httpd/conf/httpd.conf 文件中添加下面的配置
<Location /svn>
DAV svn
AuthMYSQLEnable on
AuthMySQLDB auth
</Location>
5.创建用户的认证数据库 ,这里你可以参考/etc/httpd/conf.d/auth_mysql.conf
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 8 to server version: 5.0.22
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
Query OK, 1 row affected (0.00 sec)
Database changed
-> user_name CHAR(30) NOT NULL,
-> user_passwd CHAR(20) NOT NULL,
-> PRIMARY KEY (user_name)
-> );
Query OK, 0 rows affected (0.01 sec)
-> ON auth.users
-> TO authuser@'localhost'
-> IDENTIFIED BY 'Your Password ';
Query OK, 0 rows affected (0.01 sec)
Query OK, 0 rows affected (0.00 sec)
Query OK, 1 row affected (0.00 sec)
Bye
6、创建用户认证所需要的证书
cd /etc/pki/tls/
Generating RSA private key, 1024 bit long modulus
...............++++++
.....................................................++++++
e is 65537 (0x10001)
......
cd certs/
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key /etc/pki/tls/private/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt -set_serial 0
you are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:CN
State or Province Name (full name) [Berkshire]:BeiJing
Locality Name (eg, city) [Newbury]:BeiJing
Organization Name (eg, company) [My Company Ltd]:RTS InfoTech
Organizational Unit Name (eg, section) []:System Management
Common Name (eg, your name or your server's hostname) []:"***.****.***" #这里填写的内容一定要与你域名相符,否则证书会显示不合法
Email Address []:[email protected]
7.赋予测试用户权限.
vi/repository/auth/authz 在最后添加
* =
现在就可以开始测试了.
首先你可以来验证一下ssl是否已经ok.打开一个浏览器,地址栏输入https://YourServerName或者https://serverip看能不能打开网站,这里就不多说了。
|
相关阅读 更多 +
