0
点赞
收藏
分享

微信扫一扫

【httpd的编译和配置】

捡历史的小木板 2022-04-18 阅读 45
linux

文章目录

编译安装最新版的httpd

httpd的最新版本为2.4版本
编译安装httpd-2.4

1. 下载源码包并配置环境

源码包地址:https://downloads.apache.org/

[root@localhost ~]# wget https://downloads.apache.org/apr/apr-1.7.0.tar.gz
--2022-04-17 15:27:35--  https://downloads.apache.org/apr/apr-1.7.0.tar.gz
2022-04-17 15:27:38 (565 KB/s) - 已保存 “apr-1.7.0.tar.gz” [1093896/1093896])

[root@localhost ~]# wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz
--2022-04-17 15:28:17--  https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz
2022-04-17 15:28:20 (272 KB/s) - 已保存 “apr-util-1.6.1.tar.gz” [554301/554301])

[root@localhost ~]# wget https://downloads.apache.org/httpd/httpd-2.4.53.tar.gz
--2022-04-17 15:29:18--  
2022-04-17 15:32:32 (49.2 KB/s) - 已保存 “httpd-2.4.53.tar.gz” [9726558/9726558])

配置环境

[root@localhost ~]# yum groups mark install "Development Tools"
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
BaseOS                                             2.7 MB/s | 2.8 kB     00:00    
AppStream                                          3.1 MB/s | 3.2 kB     00:00    
依赖关系解决。
===================================================================================
 软件包             架构              版本                仓库                大小
===================================================================================
安装组:
 Development Tools                                                                

事务概要
===================================================================================

确定吗?[y/N]: y
完毕!
[root@localhost ~]# rpm -qa|grep gcc
libgcc-8.3.1-5.el8.x86_64
[root@localhost ~]# useradd -r -M -s /sbin/nologin apache
[root@localhost ~]# id apache 
uid=48(apache) gid=48(apache)=48(apache)
[root@localhost ~]# grep apache /etc/group
apache:x:973:

2.安装资源包

解压

[root@localhost ~]# ls
公共  图片  音乐             apr-1.7.0.tar.gz       initial-setup-ks.cfg
模板  文档  桌面             apr-util-1.6.1.tar.gz
视频  下载  anaconda-ks.cfg  httpd-2.4.53.tar.gz
[root@localhost ~]# tar xf apr-1.7.0.tar.gz 
[root@localhost ~]# tar xf apr-util-1.6.1.tar.gz 
[root@localhost ~]# tar xf httpd-2.4.53.tar.gz 
[root@localhost ~]# ls
公共  文档  anaconda-ks.cfg   apr-util-1.6.1.tar.gz
模板  下载  apr-1.7.0         httpd-2.4.53
视频  音乐  apr-1.7.0.tar.gz  httpd-2.4.53.tar.gz
图片  桌面  apr-util-1.6.1    initial-setup-ks.cfg

apr源码包

[root@localhost ~]# cd apr-1.7.0/
[root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
Configuring APR library
Platform: x86_64-pc-linux-gnu
checking for working mkdir -p... yes
APR Version: 1.7.0
checking for chosen layout... apr
checking for gcc... no
checking for cc... no
checking for cl.exe... no
configure: error: in `/root/apr-1.7.0':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
[root@localhost apr-1.7.0]# dnf -y install gcc gcc-c++
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
完毕!

[root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr
rm: cannot remove 'libtoolT': No such file or directory
config.status: executing default commands
[root@localhost apr-1.7.0]# dnf list all|grep -i libtool
libtool-ltdl.x86_64                                  2.4.6-25.el8                                      @anaconda 
libtool.x86_64                                       2.4.6-25.el8                                      AppStream 
libtool-ltdl.i686                                    2.4.6-25.el8                                      BaseOS    
libtool-ltdl-devel.i686                              2.4.6-25.el8                                      AppStream 
libtool-ltdl-devel.x86_64                            2.4.6-25.el8                                      AppStream 
[root@localhost ~]# dnf -y install libtool
[root@localhost apr-1.7.0]# dnf -y install libtool-ltdl-devel libtool-ltdl
[root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr
[root@localhost apr-1.7.0]# dnf -y install make
[root@localhost apr-1.7.0]# make
[root@localhost apr-1.7.0]# make install

apr-util源码包

[root@localhost ~]# cd apr-util-1.6.1/
[root@localhost apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@localhost apr-util-1.6.1]# make
[root@localhost apr-util-1.6.1]# make install

httpd源码包

[root@localhost ~]# cd httpd-2.4.53/
[root@localhost httpd-2.4.53]# ./configure --prefix=/usr/local/apache \
> --enable-so \
> --enable-ssl \
> --enable-cgi \
> --enable-rewrite \
> --with-zlib \
> --with-pcre \
> --with-apr=/usr/local/apr \
> --with-apr-util=/usr/local/apr-util/ \
> --enable-modules=most \
> --enable-mpms-shared=all \
> --with-mpm=prefork
[root@localhost httpd-2.4.53]# yum -y install gcc openssl openssl-devel pcre-devel zlib zlib-devel
[root@localhost httpd-2.4.53]# make
[root@localhost httpd-2.4.53]# make install

3.配置httpd

配置环境变量

[root@localhost ~]# ls /usr/local/
apache  apr-util  etc    include  lib64    sbin   src
apr     bin       games  lib      libexec  share
[root@localhost ~]# cd /usr/local/apache/
[root@localhost apache]# ls
bin    cgi-bin  error   icons    logs  manual
build  conf     htdocs  include  man   modules
[root@localhost apache]# cd
[root@localhost ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/apache.sh
[root@localhost ~]# source /etc/profile.d/apache.sh 
[root@localhost ~]# which httpd
/usr/local/apache/bin/httpd
[root@localhost ~]# which apachectl
/usr/local/apache/bin/apachectl

配置man

[root@localhost ~]# ln -s /usr/local/apache/include/ /usr/include/apache
[root@localhost ~]# vi /etc/man_db.conf 
[root@localhost ~]# cat /etc/man_db.conf 
#
MANDATORY_MANPATH                       /usr/man
MANDATORY_MANPATH                       /usr/share/man
MANDATORY_MANPATH                       /usr/local/share/man
MANDATORY_MANPATH                       /usr/local/share/apache
#

[root@localhost ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce 
Permissive
[root@localhost ~]# vi /etc/selinux/config 
[root@localhost ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled

配置80端口

[root@localhost ~]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       
[root@localhost ~]# apachectl start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
[root@localhost ~]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                        *:80                      *:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       
[root@localhost ~]# apachectl stop
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
[root@localhost ~]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       
[root@localhost ~]# cd /usr/local/apache/
[root@localhost apache]# ls
bin    cgi-bin  error   icons    logs  manual
build  conf     htdocs  include  man   modules
[root@localhost apache]# cd conf/
[root@localhost conf]# ls
extra  httpd.conf  magic  mime.types  original
[root@localhost conf]# vi httpd.conf 
#ServerName www.example.com:80
[root@localhost conf]# apachectl start
[root@localhost conf]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                        *:80                      *:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       

[root@localhost ~]# cd /usr/local/apache/
[root@localhost apache]# ls
bin    cgi-bin  error   icons    logs  manual
build  conf     htdocs  include  man   modules
[root@localhost apache]# cd conf/
[root@localhost conf]# ls
extra  httpd.conf  magic  mime.types  original
[root@localhost conf]# vi httpd.conf 
[root@localhost conf]# apachectl start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
[root@localhost conf]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                        *:80                      *:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       

在这里插入图片描述
使用systemctl命令设置httpd

[root@localhost conf]# apachectl status
/usr/local/apache/bin/apachectl:95: lynx: 未找到命令
[root@localhost conf]# cd 
[root@localhost ~]# systemctl status httpd
[root@localhost ~]# cd /usr/lib/systemd/system
[root@localhost system]# ls sshd.service 
sshd.service
[root@localhost system]# cp sshd.service httpd.service
[root@localhost system]# vi httpd.service
[root@localhost system]# cat httpd.service
[Unit]
Description=httpd server daemon
After=network.target sshd-keygen.target

[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

[root@localhost system]# systemctl daemon-reload 
[root@localhost system]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset:>
   Active: inactive (dead)
[root@localhost system]# systemctl start httpd
[root@localhost system]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@localhost system]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: >
   Active: active (running) since Sun 2022-04-17 22:56:53 CST; 6s ago
  Process: 425418 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, st>
 Main PID: 425426 (httpd)
    Tasks: 6 (limit: 11159)
   Memory: 4.8M
   CGroup: /system.slice/httpd.service
           ├─425426 /usr/local/apache/bin/httpd -k start
           ├─425428 /usr/local/apache/bin/httpd -k start
           ├─425429 /usr/local/apache/bin/httpd -k start
           ├─425430 /usr/local/apache/bin/httpd -k start
           ├─425431 /usr/local/apache/bin/httpd -k start
           └─425432 /usr/local/apache/bin/httpd -k start

417 22:56:53 localhost.localdomain systemd[1]: Starting httpd server daemon...
417 22:56:53 localhost.localdomain apachectl[425418]: AH00558: httpd: Could not>
417 22:56:53 localhost.localdomain systemd[1]: Started httpd server daemon.
[root@localhost system]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                        *:80                      *:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       

在这里插入图片描述

配置三种不同类型的虚拟主机虚拟主机:

虚拟主机有三类:
相同IP不同端口
不同IP相同端口
相同IP相同端口不同域名

1.配置虚拟主机

[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# ls
extra  httpd.conf  magic  mime.types  original
[root@localhost conf]# ls extra/
httpd-autoindex.conf  httpd-languages.conf           httpd-ssl.conf
httpd-dav.conf        httpd-manual.conf              httpd-userdir.conf
httpd-default.conf    httpd-mpm.conf                 httpd-vhosts.conf
httpd-info.conf       httpd-multilang-errordoc.conf  proxy-html.conf
[root@localhost ~]# ls /usr/local/apache/
bin    cgi-bin  error   icons    logs  manual
build  conf     htdocs  include  man   modules
[root@localhost ~]# cd /usr/local/apache/htdocs/
[root@localhost htdocs]# ls
index.html
[root@localhost htdocs]# mkdir test.example.com
[root@localhost htdocs]# ls
index.html  test.example.com
[root@localhost htdocs]# cd test.example.com/
[root@localhost test.example.com]# ls
[root@localhost test.example.com]# cd ..
[root@localhost htdocs]# ls
index.html  test.example.com
[root@localhost htdocs]# mkdir blog.example.com
[root@localhost htdocs]# ls
blog.example.com  index.html  test.example.com
[root@localhost conf]# vi /usr/local/apache/conf/extra/httpd-vhosts.conf 
[root@localhost conf]# cat /usr/local/apache/conf/extra/httpd-vhosts.conf 
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>

[root@localhost ~]# vi /usr/local/apache/conf/httpd.conf
Include conf/extra/httpd-vhosts.conf
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: >
   Active: active (running) since Sun 2022-04-17 23:29:05 CST; 47s ago
  Process: 497006 ExecStop=/usr/local/apache/bin/apachectl stop (code=exited, stat>
  Process: 497014 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, st>
 Main PID: 497027 (httpd)
    Tasks: 6 (limit: 11159)
   Memory: 4.6M
   CGroup: /system.slice/httpd.service
           ├─497027 /usr/local/apache/bin/httpd -k start
           ├─497030 /usr/local/apache/bin/httpd -k start
           ├─497031 /usr/local/apache/bin/httpd -k start
           ├─497032 /usr/local/apache/bin/httpd -k start
           ├─497033 /usr/local/apache/bin/httpd -k start
           └─497034 /usr/local/apache/bin/httpd -k start

417 23:29:05 localhost.localdomain systemd[1]: Stopped httpd server daemon.
417 23:29:05 localhost.localdomain systemd[1]: Starting httpd server daemon...
417 23:29:05 localhost.localdomain apachectl[497014]: AH00558: httpd: Could not>
417 23:29:05 localhost.localdomain systemd[1]: Started httpd server daemon.

在这里插入图片描述

2.相同IP不同端口

[root@localhost htdocs]# cd test.example.com/
[root@localhost test.example.com]# echo "test page" > abc.html
[root@localhost test.example.com]# ls
abc.html
[root@localhost test.example.com]# mv abc.html index.html
[root@localhost test.example.com]# cd ..
[root@localhost htdocs]# cd blog.example.com/
[root@localhost blog.example.com]# ls
[root@localhost blog.example.com]# echo "blog page" > index.html
[root@localhost blog.example.com]# ls
index.html
[root@localhost htdocs]# cat index.html 
<html><body><h1>It works!</h1></body></html>
[root@localhost htdocs]# cd
[root@localhost ~]# vi /usr/local/apache/conf/extra/httpd-vhosts.conf
[root@localhost ~]# cat /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
    ServerName blog.example.com
    ErrorLog "logs/blog.example.com-error_log"
    CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>

在这里插入图片描述在这里插入图片描述

[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                        *:80                      *:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       
[root@localhost ~]# vi /usr/local/apache/conf/extra/httpd-vhosts.conf
[root@localhost ~]# cat /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
Listen 81
<VirtualHost *:81>
    DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
    ServerName blog.example.com
    ErrorLog "logs/blog.example.com-error_log"
    CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>

[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                        *:80                      *:*       
LISTEN    0         128                        *:81                      *:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:* 

在这里插入图片描述

3.不同IP相同端口

[root@localhost ~]# ip addr add 192.168.220.136/24 dev ens160
[root@localhost ~]# ip addr show ens160
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:9b:69:c3 brd ff:ff:ff:ff:ff:ff
    inet 192.168.201.138/24 brd 192.168.201.255 scope global dynamic noprefixroute ens160
       valid_lft 1561sec preferred_lft 1561sec
    inet 192.168.220.136/24 scope global ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::6ae3:e83a:e07f:b773/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@localhost ~]# vi /usr/local/apache/conf/extra/httpd-vhosts.conf
[root@localhost ~]# cat /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost 192.168.201.138:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>

<VirtualHost 192.168.201.136:80>
    DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
    ServerName blog.example.com
    ErrorLog "logs/blog.example.com-error_log"
    CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>
[root@localhost ~]# systemctl stop httpd
[root@localhost ~]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# ss -antl
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    
LISTEN    0         128                  0.0.0.0:111               0.0.0.0:*       
LISTEN    0         32             192.168.122.1:53                0.0.0.0:*       
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*       
LISTEN    0         5                  127.0.0.1:631               0.0.0.0:*       
LISTEN    0         128                     [::]:111                  [::]:*       
LISTEN    0         128                        *:80                      *:*       
LISTEN    0         128                     [::]:22                   [::]:*       
LISTEN    0         5                      [::1]:631                  [::]:*       
[root@localhost ~]# systemctl restart httpd.service 

192.168.201.138
在这里插入图片描述192.168.201.136
在这里插入图片描述

4.相同IP相同端口不同域名

[root@localhost ~]# vi /usr/local/apache/conf/extra/httpd-vhosts.conf
[root@localhost ~]# cat /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>

<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
    ServerName blog.example.com
    ErrorLog "logs/blog.example.com-error_log"
    CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>

blog.example.com
在这里插入图片描述test.example.com
在这里插入图片描述

注意:httpd-2.4版本默认是拒绝所有主机访问的,所以安装以后必须做显示授权访问

[root@localhost ~]# vi /usr/local/apache/conf/extra/httpd-vhosts.conf
[root@localhost ~]# cat /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
<Directory "/usr/local/apache/htdocs/test.example.com">
    <RequireAll>
        Require not ip 192.168.201.1 
    </RequireAll>
</Directory>
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
    ServerName blog.example.com
    ErrorLog "logs/blog.example.com-error_log"
    CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>

https配置

1.配置httpd.conf

[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# vim httpd.conf
LoadModule ssl_module modules/mod_ssl.so

2.配置证书

CA

[root@localhost ~]# cd /etc/pki/
[root@localhost pki]# mkdir CA
[root@localhost pki]# cd CA/
[root@localhost CA]# mkdir private
[root@localhost CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
............................................................................+++++
..................................+++++
e is 65537 (0x010001)
[root@localhost CA]# ls private/
cakey.pem
[root@localhost CA]# openssl rsa -in private/cakey.pem -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA885U3NY8Qc+9UbYCvHgf
ouFGfYWfS71gKBhCFVH1+UrV3PbnjLG3FzRFgkH2ula5o1/VqhW5DzItt1XfdvYU
36/j6NZykbXcBo0C4+iKgV/O7H3UqN1/KF+mIb44vyzVwj/Vfvj6wlINnyDMZolR
jqoYoWaaW53eFQuFiWd219R/LQUfNPWwN3jq590LD4HoblQrL0/KXAGuqEvP/Dy+
/k7llardqCgiZJsc2iyPNvrbIWJWy9z8K2IvTNuDNCiJZihf0tYG968tQ+eYE2fd
zSTUUR7tbv60jHdctA09Pxh0lTsCVFq3HKWUdGzq+tR95ufs/oLVJPJlqMKJqPsY
xQIDAQAB
-----END PUBLIC KEY-----
[root@localhost CA]# 
[root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:JINXIN     
Organizational Unit Name (eg, section) []:JINXIN
Common Name (eg, your name or your server's hostname) []:test.example.com
Email Address []:123@qq.com

ssl

[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# ls
extra  httpd.conf  magic  mime.types  original
[root@localhost conf]# mkdir ssl
[root@localhost conf]# cd ssl/
[root@localhost ssl]# (umask 077;openssl genrsa -out httpd.key 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
.....+++++
....................................................................................+++++
e is 65537 (0x010001)
[root@localhost ssl]# openssl req -new -key httpd.key -days 365 -out httpd.csr
Ignoring -days; not generating a certificate
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:JINXIN
Organizational Unit Name (eg, section) []:JINXIN
Common Name (eg, your name or your server's hostname) []:test.example.com
Email Address []:123@qq.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@localhost ssl]# ls
httpd.csr  httpd.key

[root@localhost ssl]# openssl ca -in httpd.csr -out httpd.crt -days 365
[root@localhost ssl]# ls
httpd.crt  httpd.csr  httpd.key

3.配置https

[root@localhost ~]# vi /usr/local/apache/conf/extra/httpd-vhosts.conf
[root@localhost ~]# cat /usr/local/apache/conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-ssl.conf

[root@localhost ~]# vi /usr/local/apache/conf/extra/httpd-ssl.conf 
DocumentRoot "/usr/local/apache/htdocs/text.example.com"  
ServerName text.example.com:443   
ServerAdmin you@example.com   
ErrorLog "/usr/local/apache/logs/error_log"
TransferLog "/usr/local/apache/logs/access_log"


SSLCertificateFile "/usr/local/apache/conf/ssl/httpd.crt"   

SSLCertificateKeyFile "/usr/local/apache/conf/ssl/httpd.key"

[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# httpd -t
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
AH01624: <RequireAll> directive contains only negative authorization directives
AH00014: Configuration check failed
[root@localhost conf]# vi /usr/local/apache/conf/httpd.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so           //删除此行

在这里插入图片描述

举报

相关推荐

0 条评论