1.准备环境 centos7最小化安装 yum安装wget、vim、gcc、gcc-c++、cmake 2.安装apache2.4.10 官网:http://httpd.apache.org/ 下载源码包: cd /usr/loca/src wget http://mirror.bit.edu.cn/apache//httpd/httpd-2.4.10.tar.gz 下载apache组件apr、apr-util: wget http://mirror.bit.edu.cn/apache//httpd/httpd-2.4.10-deps.tar.gz 安装apr和apr-util: tar zxvf httpd-2.4.10-deps.tar.gz cd httpd-2.4.10/srclib/apr ./configure --prefix=/usr/local/apr make && make install cd ../apr-util ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr 下载安装zlib1.2.8 wget http://zlib.net/zlib-1.2.8.tar.gz tar zxvf zlib-1.2.8.tar.gz cd zlib-1.2.8 ./configure --prefix=/usr/local/zlib make && make install 下载安装pcre8.35 wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.35.tar.gz tar zxvf pcre-8.35.tar.gz cd pcre-8.35 ./configure --prefix=/usr/local/pcre make && make install 下载openssl,安装apache2.4.9时提示openssl版本过低,centos7自带版本openssl1.0.1e: wget http://www.openssl.org/source/openssl-1.0.1h.tar.gz 不卸载系统自带openssl,直接源码编译openssl1.0.1h tar zxvf openssl-1.0.1h.tar.gz cd openssl-1.0.1h ./configure --prefix=/usr/local/openssl make && make install mv /usr/bin/openssl /usr/bin/openssl.1.0.1e ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl 安装httpd2.4.9: cd /usr/local/src tar zxvf httpd-2.4.9.tar.gz cd httpd-2.4.9 ./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd --enable-so --enable-cgi --enable-ssl --enable-rewrite --with-ssl=/usr/local/openssl --with-pcre=/usr/local/pcre --with-z=/usr/local/zlib --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --with-ssl=/usr/local/openssl --enable-modules=most --enable-mpms-shared=all --with-mpm=event centos7使用systemctl代替chkconfig管理服务,防火墙也由iptables更换成了firewalld 首先用systemctl关闭防火墙: systemctl stop firewalld.service systemctl disable firewalld.service 开启apache服务器: cd /usr/local/apache/bin ./apachectl start 客户端浏览器上输入地址: http://192.168.47.130/ 看到页面显示It works!证明服务器已成功启动 另外因为安装Apache服务器是选择安装了支持openssl,顺便研究了一下如何在apache中配置openssl 首先在/etc/httpd/http.conf文件中修改: ServerName为www.example.com:80 去掉LoadModule ssl_module modules/mod_ssl.so前的#号 去掉LoadModule socache_shmcb_module modules/mod_socache_shmcb.so前的#号 去掉Include /etc/httpd/extra/httpd-ssl.conf前的#号 生成服务器证书: 1.生成服务器用的私钥文件server.key openssl genrsa -out server.key 1024 2.生成未签署的server.csr openssl req -new -key server.key -out server.csr 程序提示输入一系列参数,包括国别、省名、市名。。。,按照提示输入即可 3.签署服务器证书文件server.crt openssl req -x509 -days 365 -key server.key -in server.csr -out server.crt 然后将生成的server.key、server.csr、server.crt拷贝到/etc/httpd目录下 /usr/local/apache/bin/apachectl restart 浏览器访问:https://192.168.47.130,此时浏览器会提示安装证书,安装后显示页面It works!,证明ssl模块已正常工作。 (责任编辑:IT) |