1. Copy the certificate file to your server
Download the ICA (ie Intermediate Certificate Authority) certificate file (DigiCertCA.crt) and your server certificate file (<your domain name) from your customer area >.crt), then copy them to your server to store the path to the certificate and private key files and make sure the root user is readable.
2. Find Apache configuration files and edit
The location of this file varies from server to server, especially if you use a specific interface to manage your server configuration. //This article transferred from www.45it.com computer software and hardware application network
Apache configuration file is usually in /etc/httpd. The main configuration file is often named after httpd.conf. In most cases, the <VirtualHost> block is at the bottom of the httpd.conf file. Sometimes <VirtualHost> blocks exist in their separate files and are placed in a directory like /etc/httpd/vhost.d/or /etc/httpd/sites/or in a file called ssl.conf .
If you open this file with a text compiler, you can find the <VirtuaHost> block that contains the Apache settings.
3. Configure <VirtualHost> Block to identify SSL
If you need your own site to be accessible via both encrypted (https) and non-encrypted (http) connections, you need each The connection type configures a virtual host (virtual host). Be sure to copy an existing non-encrypted virtual host and configure it to support SSL as described in step 4.
If you only need the website to access through the security mechanism, configure the existing virtual host to support SSL as described in step 4.
4. Configuring <VirtualHost> Blocks to Enable SSL Security for Sites
Below is a simple example of a virtual host configured to support SSL. The bold part listed is the SSL configuration that must be added.
<VirtualHost 192.168.0.1:443>DocumentRoot /var/www/html2ServerName www.yourdomain.comSSLEngine onSSLCertificateFile /path/to/your_domain_name.crtSSLCertificateKeyFile /path/to/your_private.keySSLCertificateChainFile /path/to/DigiCertCA .crt</VirtualHost> Adjust the file name and path according to your certificate file.
SSLCertificateFile <This should be your server certificate file> (for example: your_domain_name.crt)
SSLCertificateKeyFile <This should be the key file you generated when creating the CSR>
SSLCertificateChainFile <This should be DigiCert's ICA certificate file> (default is DigiCertCA.crt)
5. Test your configuration before restarting Apache
Usually, it is best to restart Apache Test your Apache configuration file beforehand to prevent errors, because once your configuration file has a syntax error, Apache won't start again. Run the following command: (may be apache2ctl on some systems)
apachectl configtest
6. Restart Apache
You can use the apachectl command to stop and start with SSL Supported Apache:
apachectl stop
apachectl start
Hint: If Apache can't start with SSL support, try replacing "apachectl start" with "apachectl startssl". If SSL support is only loaded when using "apache startssl", then we recommend that you modify the apache startup configuration to include SSL support in the normal "apachectl start" command. Otherwise, you may need to manually restart Apache via "apachectl startssl" when the server is restarted. This often causes the <IfDefine SSL> and </IfDefine> tags to be moved to close the SSL-related configuration.
Translator's Note: This parameter has been abolished in the latest version of Apache apachctl script startssl.
Troubleshooting:
1. If your website is accessible to the public, our SSL Certificate Tester tool can help you determine what is usually going to happen.
2. To help migrate your certificate to another server or to a cross-server platform, check out the OpenSSL export instructions here.
3. If you need to disable SSL version 2 compatibility in order to comply with PCI Compliance requirements (that is, the PCI compatibility list), you need to add the following command to your Apache configuration file:
SSLCipherSuite HIGH:+MEDIUM:!SSLv2:!EXP:!ADH:!aNULL:!eNULL:!NULL
If this directive already exists, you will most likely need to modify this directive to disable SSL version 2 .
Log in to VPS using SSH Enter /root/vhost.sh Please enter Please input domain Others See the pict
Home is no stranger to the black box, it faithfully records every par
When the server receives a request for a specific web resource, ASP.NET uses the configuration file
The rapid development of the enterprise network has made the supporting servers an
Server Dictionary: Hot Standby FAQ
T168 G5 server how to set the boot automatically open the keypad NUMLOCK
Configure the WSUS server client computer for automatic update
Windows2008 iis7 pseudo-static URL with special symbol space inaccessible solution
Set database and directory permissions to prevent website hacking
Server terminology: RDIMM, UDIMM
Three series Choose servers from Intel mainstream processors
Security hardening setup experience in LNMP PHP environment
Word document how to add or change the horizontal line of the header
No computer under the eight-inch computer tablet after updating Win10
Win7 system how to restore desktop shortcut icon small arrow
How does the opening of the RAR archive of Win7 system become a notepad?
System programs also have priority program running to enjoy system benefits
20 special execution commands under Windows
How to set the win7 taskbar height
Hard disk mode can make win xp system boot faster?
Microsoft is forced to simplify the way users refuse to upgrade Windows 10