ssl加密
yum install mod_ssl -y 他是一个模块
yum install crypto-utils -y 加密
genkey www.westos.com
vim /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/www.westos.com.key
强制转换为https
mkdir -p /var/www/westos.com/login/html
vim /var/www/westos.com/login/html/index.html
vim /etc/httpd/conf.d/login.conf
<VirtualHost *:443>
SSLEngine on
ServerName login.westos.com
DocumentRoot /var/www/westos.com/login/html/
CustomLog logs/login.log combined
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</VirtualHost>
<Directory "/var/www/westos.com/login/html/">
Require all granted
</Directory>
<VirtualHost *:80>
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
重启阿帕琪
其中
^(/.*)$ 客户在浏览器地址栏中输入的所有字符
https:// 强制客户加密访问
%{HTTP_HOST} 客户请求主机
$1 表示^(/.*)$的值
[redirect=301] 永久 302是临时
测试端必须要修改 /etc/hosts 172.25.254.113 *.westos.com
对于
[redirect=301] 永久
cat /etc/httpd/logs/login.log 状态304 是永久
302是临时 状态变为200
