[1] 產生 host key
$sudo mkdir /private/etc/apache2/ssl $cd /private/etc/apache2/ssl $sudo ssh-keygen -f host.key
[2] 產生certificate request file
sudo openssl req -new -key host.key -out request.csr
[3] 產生certificate request file
$sudo openssl req -new -key host.key -out request.csr
[4] 加入產生的SSL certificate及‘nopass’ key
$sudo openssl x509 -req -days 365 -in request.csr -signkey host.key -out server.crt openssl rsa -in host.key -out host.nopass.key
找到SSLCertificateFile及SSLCertificateKeyFile,更改file位置
#SSLCertificateFile "/private/etc/apache2/server.crt" SSLCertificateFile "/private/etc/apache2/ssl/server.crt" #SSLCertificateKeyFile "/private/etc/apache2/server.key" SSLCertificateKeyFile "/private/etc/apache2/ssl/host.nopass.key"
[5] 確認Apache有加入ssl_module
$sudo vim httpd.conf
找出底下兩個,將"#"刪除或加入
LoadModule ssl_module libexec/apache2/mod_ssl.so Include /private/etc/apache2/extra/httpd-ssl.conf
[OS X 10.10的Apache 2.4] 預設不載入shmcb,要找出底下的將"#"刪除
LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
[6] 做測試
apachectl configtest
[OS X 10.10的Apache 2.4] 會出現底下訊息
AH00526: Syntax error on line 62 of /private/etc/apache2/extra/httpd-ssl.conf: SSLSessionCache: 'shmcb' session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).
$sudo vim /private/etc/apache2/extra/httpd-ssl.conf
將找到SSLMutex將其註解並加上Mutex
#SSLMutex "file:/private/var/run/ssl_mutex" Mutex sysvsem default
[7] 確認回傳Syntax OK,啟動Server
apachectl restart
參考網址:
APACHE SSL ON MAC OSX LION 10.7
CREATING A SELF-SIGNED SSL CERT FOR MAC OSX MOUNTAIN LION & APACHE
How To: Set up SSL with OSX Mountain Lion’s built-in Apache
How to create self signed ssl certificate for apache2 web server
SSH 免密碼登入
For OS X 10.10 Yosemite
Apache 2.4 configuration for ssl not working
沒有留言:
張貼留言