1..首先,先安裝Development Tools套件
# yum groupinstall "Development Tools"
2.安裝httpd-devel與gnutls-devel套件
# yum install httpd-devel gnutls-devel
3.到mod_gnutls網站下載最新的module
http://www.outoforder.cc/projects/apache/mod_gnutls/
4.接著把mod_gnutls解壓縮
# tar -xjvf mod_gnutls-版本號.tar.bz2
# cd mod_gnutls-版本號
# ./configure --prefix=/usr
# make
ps:(1)如出現libguntls套件版本太舊,請至http://www.gnu.org/software/gnutls/download.html
下載2.0以上版本compile並安裝(./configure && make)
(2)mod_gnutls千萬別用Make instll,因為它只是一個module
5.將編譯好的module,copy到/usr/lib/httpd/modules目錄底下
# cp mod_gnutls-版本號/src/.libs/libmod_gnutls.so /usr/lib/httpd/modules/mod_gnutls.so
6.接著把/etc/httpd/conf.d/ssl.conf加入以下設定檔
LoadModule gnutls_module modules/mod_gnutls.so
GnuTLSCache dbm "conf/gnutls_cache"
GnuTLSCacheTimeout 300
7.虛擬網站設定
NameVirtualHost 192.168.0.1:443
<VirtualHost sample1.ex.com:443>
ServerName sample1.ex.com:443
GnuTLSEnable on
#Set TimeOut for SSL Session Cache
GnuTLSCacheTimeout 300
GnuTLSCertificateFile /etc/pki/tls/certs/localhost.crt
GnuTLSKeyFile /etc/pki/tls/private/localhost.key
GnuTLSPriorities NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL
DocumentRoot "/var/www/sample1"
<Directory /var/www/sample1/>
Order Deny,Allow
Allow from All
</Directory>
</VirtualHost>
<VirtualHost sample2.ex.com:443>
ServerName sample2.ex.com:443
GnuTLSEnable on
#Set TimeOut for SSL Session Cache
GnuTLSCacheTimeout 300
GnuTLSCertificateFile /etc/pki/tls/certs/localhost.crt
GnuTLSKeyFile /etc/pki/tls/private/localhost.key
GnuTLSPriorities NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL
DocumentRoot "/var/www/sample2"
<Directory /var/www/sample2/>
Order Deny,Allow
Allow from All
</Directory>
</VirtualHost>
8.重新啟動Apache伺服器
# /etc/rc.d/init.d/httpd restart
9.測試可否使用
https://sample1.ex.com/
https://sample2.ex.com
- Mar 01 Tue 2011 10:53
Linux底下使用GnuTLS架設數個SSL網站
全站熱搜
留言列表
發表留言