1..首先,先安裝Development Tools套件
# yum groupinstall "Development Tools"

2.安裝httpd-devel與gnutls-devel套件
# yum install httpd-devel gnutls-devel

3.到mod_gnutls網站下載最新的module
http://www.outoforder.cc/projects/apache/mod_gnutls/

4.接著把mod_gnutls解壓縮
# tar -xjvf mod_gnutls-版本號.tar.bz2
# cd mod_gnutls-版本號
# ./configure --prefix=/usr
# make
ps:(1)如出現libguntls套件版本太舊,請至http://www.gnu.org/software/gnutls/download.html
          下載2.0以上版本compile並安裝(./configure && make)
       (2)mod_gnutls千萬別用Make instll,因為它只是一個module

5.將編譯好的module,copy到/usr/lib/httpd/modules目錄底下
# cp mod_gnutls-版本號/src/.libs/libmod_gnutls.so /usr/lib/httpd/modules/mod_gnutls.so

6.接著把/etc/httpd/conf.d/ssl.conf加入以下設定檔
LoadModule gnutls_module modules/mod_gnutls.so
GnuTLSCache dbm "conf/gnutls_cache"
GnuTLSCacheTimeout 300

7.虛擬網站設定
NameVirtualHost 192.168.0.1:443
<VirtualHost sample1.ex.com:443>
    ServerName sample1.ex.com:443
    GnuTLSEnable on
    #Set TimeOut for SSL Session Cache
    GnuTLSCacheTimeout 300
    GnuTLSCertificateFile /etc/pki/tls/certs/localhost.crt
    GnuTLSKeyFile /etc/pki/tls/private/localhost.key
    GnuTLSPriorities NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL
    DocumentRoot "/var/www/sample1"
  <Directory /var/www/sample1/>
    Order Deny,Allow
    Allow from All
  </Directory>
</VirtualHost>
<VirtualHost sample2.ex.com:443>
    ServerName sample2.ex.com:443
    GnuTLSEnable on
    #Set TimeOut for SSL Session Cache
    GnuTLSCacheTimeout 300
    GnuTLSCertificateFile /etc/pki/tls/certs/localhost.crt
    GnuTLSKeyFile /etc/pki/tls/private/localhost.key
    GnuTLSPriorities NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL
    DocumentRoot "/var/www/sample2"
  <Directory /var/www/sample2/>
    Order Deny,Allow
    Allow from All
  </Directory>
</VirtualHost>

8.重新啟動Apache伺服器
# /etc/rc.d/init.d/httpd restart

9.測試可否使用
https://sample1.ex.com/
https://sample2.ex.com

arrow
arrow
    全站熱搜

    ying5320 發表在 痞客邦 留言(0) 人氣()

    E-mail轉寄