1. First, make sure the mod_ssl module is installed
My machine runs CentOS, so I execute the following command:
yum install -y mod_ssl
2. Use the openssl tool to generate the key, the certificate request file, and the certificate
In the /usr/local/httpd directory, execute the following commands.
2.1 Generate key
openssl genrsa 1024 > server.key
Explanation: This uses the 128-bit RSA algorithm to generate the key and writes it to the server.key file.
2.2 Generate certificate request file
openssl req -new -key server.key -out server.csr
Explanation: This uses the key from step 2.1 to generate the certificate request file server.csr. The command prompts for several fields; answer them one by one.
2.3 Generate certificate
Command: openssl req -x509 -days 365 -key server.key -in server.csr > server.crt
Note: This generates the certificate server.crt from the key and the certificate request created in steps 2.1 and 2.2. The -days parameter specifies the validity period of the certificate in days.
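The three steps above can be scripted and the result checked before Apache is pointed at the files, since mod_ssl will not accept a certificate whose public key does not match the configured private key. The following is an added example, not part of the original tutorial: make_pair and check_pair are hypothetical helper names, the subject /CN=ssl.example.test is a constructed placeholder, and the minimum key length passed to check_pair is the caller's choice.

```shell
#!/bin/sh
# Added example: repeat steps 2.1-2.3 without prompts, then verify the output.

# make_pair DIR BITS
# Writes server.key, server.csr and a self-signed server.crt into DIR.
# -subj answers the prompts of step 2.2 with a constructed subject.
make_pair() {
    openssl genrsa -out "$1/server.key" "$2" 2>/dev/null &&
    openssl req -new -key "$1/server.key" -subj "/CN=ssl.example.test" \
        -out "$1/server.csr" &&
    openssl req -x509 -days 365 -key "$1/server.key" \
        -in "$1/server.csr" -out "$1/server.crt"
}

# check_pair KEY CRT MIN_BITS
# Exit status: 0 pair is usable, 1 certificate does not belong to the key,
# 2 RSA modulus shorter than MIN_BITS, 3 certificate already expired,
# 4 a file could not be parsed.
check_pair() {
    kmod=$(openssl rsa -in "$1" -noout -modulus 2>/dev/null) || return 4
    cmod=$(openssl x509 -in "$2" -noout -modulus 2>/dev/null) || return 4
    # Same modulus in both files means the certificate carries this key.
    [ "$kmod" = "$cmod" ] || return 1
    # The modulus is printed as hex, so each character is four bits.
    hex=${kmod#Modulus=}
    [ $(( ${#hex} * 4 )) -ge "$3" ] || return 2
    # -checkend 0 fails when the notAfter date has already passed.
    openssl x509 -in "$2" -noout -checkend 0 >/dev/null || return 3
    return 0
}

# Stand-alone use: sh check_pair.sh server.key server.crt 2048
if [ "$#" -eq 3 ]; then
    check_pair "$@"; echo "check_pair exit status: $?"
fi
```

A non-zero status from check_pair is worth resolving before restarting httpd with the new SSLCertificateFile and SSLCertificateKeyFile settings.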
3. Configure Apache
Modify httpd.conf:
LoadModule ssl_module /usr/lib64/httpd/modules/mod_ssl.so
Listen 443
NameVirtualHost *:443
# Virtual host address matches the NameVirtualHost directive above
<VirtualHost *:443>
# General setup for the virtual host
DocumentRoot "/usr/local/httpd/htdocs/ssl"
ServerName ssl.baishiz.com:443
ServerAdmin you@example.com
ErrorLog "/usr/local/httpd/logs/error_log"
TransferLog "/usr/local/httpd/logs/access_log"
# Enable SSL/TLS for this virtual host
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
# Certificate and private key generated in step 2
SSLCertificateFile "/usr/local/httpd/server.crt"
SSLCertificateKeyFile "/usr/local/httpd/server.key"
SSLOptions +StdEnvVars
BrowserMatch "MSIE [2-5]" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0
# Per-request log of the negotiated protocol and cipher
CustomLog "/usr/local/httpd/logs/ssl_request_log" \
    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>