服务器环境:phpstudy
证书:从阿里云网站申请的免费证书,具体请自行百度
重要步骤:
1.确定服务器已经开启443端口,因为443是https默认端口,如何开启自行百度
2.开启apache相应配置
#修改httpd.conf文件
LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule rewrite_module
#去掉上面三行前的"#"
保存退出
3.在apache目录下的httpd目录下新建一个cert目录,将证书放到该目录下
4.确定已开启openssl模块,通过phpinfo()可以查看是否开启
5.修改httpd-ssl.conf文件如下,其余的删除即可
Listen 443
<VirtualHost *:443>
DocumentRoot "网站根目录"
ServerName 域名:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
<Directory "网站根目录">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
[plain] view plain copy
#公钥
SSLCertificateFile /phpstudy/server/httpd/cert/public.pem
[plain] view plain copy
#私钥
SSLCertificateKeyFile /phpstudy/server/httpd/cert/xxxxxx.key
[plain] view plain copy
#证书链文件
SSLCertificateChainFile /phpstudy/server/httpd/cert/chain.pem
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>