0
点赞
收藏
分享

微信扫一扫

1.编译安装httpd

秀妮_5519 2022-04-18 阅读 60
linux

1.编译安装httpd

1.1 下载安装包

[root@yyx1 ~]# wget https://downloads.apache.org/apr/apr-1.7.0.tar.gz //下载apr
[root@yyx1 ~]# wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz //下载apr-util
[root@yyx1 ~]# wget https://downloads.apache.org/httpd/httpd-2.4.53.tar.gz //下载httpd
注: linux系统自带.gz格式解压工具,如果是其他格式需要自行安装相应工具

1.2 安装依赖包

[root@yyx1 ~]# yum groups mark install "Development Tools" //安装开发环境
[root@yyx1 ~]# groupadd -r apache //创建组
[root@yyx1 ~]# useradd -r -g apache apache //创建用户到组
[root@yyx1 ~]# yum -y install openssl-devel pcre-devel make expat-devel gcc gcc-c++ libtool-ltdl-devel //安装各种依赖包

[root@yyx1 ~]# ls
anaconda-ks.cfg  apr-1.7.0.tar.gz  apr-util-1.6.1.tar.gz  httpd-2.4.53.tar.gz
[root@yyx1 ~]# tar xf apr-1.7.0.tar.gz  //解压apr
[root@yyx1 ~]# tar xf apr-util-1.6.1.tar.gz  //解压apr-util
[root@yyx1 ~]# tar xf httpd-2.4.53.tar.gz  //解压httpd
[root@yyx1 ~]# ls
anaconda-ks.cfg  apr-1.7.0.tar.gz  apr-util-1.6.1.tar.gz  httpd-2.4.53.tar.gz
apr-1.7.0        apr-util-1.6.1    httpd-2.4.53

1.3 安装httpd

[root@yyx1 ~]# cd apr-1.7.0
[root@yyx1 apr-1.7.0]# ls
apr-config.in  build             configure.in  libapr.dep    memory         random        threadproc
apr.dep        build.conf        docs          libapr.dsp    misc           README        time
apr.dsp        buildconf         dso           libapr.mak    mmap           README.cmake  tools
apr.dsw        build-outputs.mk  emacs-mode    libapr.rc     network_io     shmem         user
apr.mak        CHANGES           encoding      LICENSE       NOTICE         strings
apr.pc.in      CMakeLists.txt    file_io       locks         NWGNUmakefile  support
apr.spec       config.layout     helpers       Makefile.in   passwd         tables
atomic         configure         include       Makefile.win  poll           test
[root@yyx1 apr-1.7.0]# vim configure
    cfgfile=${ofile}T
    trap "$RM \"$cfgfile\"; exit 1" 1 2 15
   # $RM "$cfgfile" //找到这一行并且注释掉或者删除
[root@yyx1 apr-1.7.0]# ./configure --prefix=/usr/local/apr 
[root@yyx1 apr-1.7.0]# make

[root@yyx1 ~]# cd apr-util-1.6.1 //进去apr-util目录
[root@yyx1 apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr //安装
[root@yyx1 apr-1.7.0]# make install
[root@yyx1 apr-util-1.6.1]# make
[root@yyx1 apr-util-1.6.1]# make install

[root@yyx1 httpd-2.4.53]# ./configure --prefix=/usr/local/apache \
 --enable-so \
 --enable-ssl \
 --enable-cgi \
 --enable-rewrite \
 --with-zlib \
 --with-pcre \
 --with-apr=/usr/local/apr \
 --with-apr-util=/usr/local/apr-util/ \
 --enable-modules=most \
 --enable-mpms-shared=all \
 --with-mpm=prefork
[root@yyx1 httpd-2.4.53]# make
[root@yyx1 httpd-2.4.53]# make install

//完成安装apache

1.4 配置文件

[root@yyx1 ~]# ls /usr/local/
apache  apr  apr-util  bin  etc  games  include  lib  lib64  libexec  sbin  share  src
[root@yyx1 ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' >/etc/profile.d/apache.sh
[root@yyx1 ~]# source /etc/profile.d/apache.sh 
[root@yyx1 ~]# which httpd
/usr/local/apache/bin/httpd
[root@yyx1 ~]# which apachectl
/usr/local/apache/bin/apachectl

[root@yyx1 ~]# ln -s /usr/local/apache/include /usr/include/apache //设置头文件
[root@yyx1 ~]# vim /etc/man_db.conf  //更改设置
MANDATORY_MANPATH                       /usr/man
MANDATORY_MANPATH                       /usr/share/man
MANDATORY_MANPATH                       /usr/local/share/man
MANDATORY_MANPATH                       /usr/local/apache/man //添加这一行

1.5关闭防火墙

[root@yyx1 ~]# systemctl disable --now firewalld //关闭防火墙
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@yyx1 ~]# systemctl status firewalld //查看状态
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)

Apr 17 22:45:13 yyx1 systemd[1]: Starting firewalld - dynamic firewall daemon...
Apr 17 22:45:14 yyx1 systemd[1]: Started firewalld - dynamic firewall daemon.
Apr 17 22:45:14 yyx1 firewalld[916]: WARNING: AllowZoneDrifting is enabled. This is considered an ins>
Apr 18 00:06:49 yyx1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
Apr 18 00:06:49 yyx1 systemd[1]: firewalld.service: Succeeded.
Apr 18 00:06:49 yyx1 systemd[1]: Stopped firewalld - dynamic firewall daemon.

[root@yyx1 ~]# setenforce 0
[root@yyx1 ~]# getenforce
Permissive
[root@yyx1 ~]# vim /etc/selinux/config 
SELINUX=disabled  //更改这一行的内容

1.6 启动apache

[root@yyx1 ~]# ss -antl //查看端口
State      Recv-Q     Send-Q           Local Address:Port           Peer Address:Port     Process     
LISTEN     0          128                    0.0.0.0:22                  0.0.0.0:*                    
LISTEN     0          128                       [::]:22                     [::]:*                    
[root@yyx1 ~]# which apachectl //查看路径
/usr/local/apache/bin/apachectl
[root@yyx1 ~]# apachectl start //开启服务
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fe70:3d37%ens33. Set the 'ServerName' directive globally to suppress this message //这里是警告,不用管
[root@yyx1 ~]# ss -antl //查看端口
State      Recv-Q     Send-Q           Local Address:Port           Peer Address:Port     Process     
LISTEN     0          128                    0.0.0.0:22                  0.0.0.0:*                    
LISTEN     0          128                          *:80                        *:*                    
LISTEN     0          128                       [::]:22                     [::]:*  

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-26mwKOyk-1650219676173)(C:\Users\Admin\AppData\Roaming\Typora\typora-user-images\1650211979456.png)]

1.7 设置apache服务

[root@yyx1 ~]# cd /usr/lib/systemd/system
[root@yyx1 system]# ls sshd.service 
sshd.service
[root@yyx1 system]# cp sshd.service httpd.service //复制文件
[root@yyx1 system]# vi httpd.service  //编辑文本内容如下
[Unit]
Description=httpd server daemon
Documentation=man:httpd(8) 
After=network.target sshd-keygen.target

[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target
~                                 

[root@yyx1 apache]# systemctl start httpd
[root@yyx1 apache]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2022-04-18 00:26:12 CST; 17s ago
     Docs: man:httpd(8)
  Process: 49312 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=0/SUCCESS)
 Main PID: 49315 (httpd)
    Tasks: 6 (limit: 4724)
   Memory: 4.3M
   CGroup: /system.slice/httpd.service
           ├─49315 /usr/local/apache/bin/httpd -k start
           ├─49316 /usr/local/apache/bin/httpd -k start
           ├─49317 /usr/local/apache/bin/httpd -k start
           ├─49318 /usr/local/apache/bin/httpd -k start
           ├─49319 /usr/local/apache/bin/httpd -k start
           └─49320 /usr/local/apache/bin/httpd -k start

Apr 18 00:25:57 yyx1 systemd[1]: Starting httpd server daemon...
Apr 18 00:26:12 yyx1 apachectl[49314]: AH00558: httpd: Could not reliably determine the server's full>
Apr 18 00:26:12 yyx1 systemd[1]: Started httpd server daemon.
lines 1-19/19 (END)

1.8设置开机自启

[root@yyx1 apache]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@yyx1 apache]# systemctl status httpd
● httpd.service - httpd server daemon
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2022-04-18 00:26:12 CST; 55s ago
     Docs: man:httpd(8)
 Main PID: 49315 (httpd)
    Tasks: 6 (limit: 4724)
   Memory: 4.3M
   CGroup: /system.slice/httpd.service
           ├─49315 /usr/local/apache/bin/httpd -k start
           ├─49316 /usr/local/apache/bin/httpd -k start
           ├─49317 /usr/local/apache/bin/httpd -k start
           ├─49318 /usr/local/apache/bin/httpd -k start
           ├─49319 /usr/local/apache/bin/httpd -k start
           └─49320 /usr/local/apache/bin/httpd -k start

Apr 18 00:25:57 yyx1 systemd[1]: Starting httpd server daemon...
Apr 18 00:26:12 yyx1 apachectl[49314]: AH00558: httpd: Could not reliably determine the server's full>
Apr 18 00:26:12 yyx1 systemd[1]: Started httpd server daemon.

2.三种不同类型的虚拟主机

2.1 IP

[root@yyx1 ~]# cd /usr/local/apache/htdocs/ //进入文件
[root@yyx1 htdocs]# mkdir test.example.com //创建测试文件
[root@yyx1 htdocs]# ls
index.html  test.example.com
[root@yyx1 htdocs]# cd test.example.com/ //进入配置文件
[root@yyx1 test.example.com]# echo 'hello!' > yyx.html //新建网页文件

[root@yyx1 test.example.com]# cd /usr/local/apache/conf/extra/
[root@yyx1 extra]# vim httpd-vhosts.conf 

<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>

[root@yyx1 extra]# vim /usr/local/apache/conf/httpd.conf 
# Virtual hosts
Include conf/extra/httpd-vhosts.conf //取消这一行的注释
[root@yyx1 extra]# systemctl restart httpd //重启

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-rqng04E9-1650219676175)(C:\Users\Admin\AppData\Roaming\Typora\typora-user-images\1650216340008.png)]

2.2 相同ip不同端口


[root@yyx1 htdocs]# mkdir yyx.example.com //创建新目录
[root@yyx1 htdocs]# cd yyx.example.com/ //进入目录
[root@yyx1 yyx.example.com]# echo 'this is work' > index.html //写入内容
[root@yyx1 yyx.example.com]# cd /usr/local/apache/conf/extra/
[root@yyx1 extra]# vim httpd-vhosts.conf //修改文件内容如下
Listen 81
<VirtualHost *:81>
    DocumentRoot "/usr/local/apache/htdocs/yyx.example.com"
    ServerName yyx.example.com
    ErrorLog "logs/yyx.example.com-error_log"
    CustomLog "logs/yyx.example.com-access_log" common
</VirtualHost>

2.3 不同ip相同端口

[root@yyx1 ~]# ip addr add 192.168.24.160/24 dev ens33
[root@yyx1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:70:3d:37 brd ff:ff:ff:ff:ff:ff
    inet 192.168.24.128/24 brd 192.168.24.255 scope global dynamic noprefixroute ens33
       valid_lft 1776sec preferred_lft 1776sec
    inet 192.168.24.160/24 scope global secondary ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe70:3d37/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@yyx1 ~]# cd /usr/local/apache/conf/extra/
<VirtualHost *:192.168.24.128:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
<VirtualHost *:192.168.24.160:80>
    DocumentRoot "/usr/local/apache/htdocs/yyx.example.com"
    ServerName yyx.example.com
    ErrorLog "logs/yyx.example.com-error_log"
    CustomLog "logs/yyx.example.com-access_log" common
</VirtualHost>

3.3 相同ip端口不同域名

[root@yyx1 extra]# vim httpd-vhosts.conf
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/yyx.example.com"
    ServerName yyx.example.com
    ErrorLog "logs/yyx.example.com-error_log"
    CustomLog "logs/yyx.example.com-access_log" common
</VirtualHost>

在C:\Windows\System32\drivers\etc\ 路径下用记事本打开文件并且编写如下内容

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-rfk1BS3x-1650219676176)(C:\Users\Admin\AppData\Roaming\Typora\typora-user-images\1650219501578.png)]

3.Fttps配置

3.1 生成证书

CA生成一对密钥
[root@yyx1 extra]# cd /etc/pki/ //CA的配置文件:/etc/pki/tls/openssl.cnf
[root@yyx1 pki]# mkdir CA
[root@yyx1 pki]# cd CA/
[root@yyx1 CA]# mkdir private
[root@yyx1 CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)  //生成密钥,括号必须要
Generating RSA private key, 2048 bit long modulus (2 primes)
......+++++
....................................+++++
e is 65537 (0x010001)

CA生成自签署证书
[root@yyx1 CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365 //生成自签署证书
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:QJ
Organization Name (eg, company) [Default Company Ltd]:666
Organizational Unit Name (eg, section) []:666
Common Name (eg, your name or your server's hostname) []:yyx.example.com
Email Address []:666@qq.com
[root@yyx1 CA]# mkdir certs newcerts crl
[root@yyx1 CA]# touch index.txt && echo 01 > serial

 客户端(例如httpd服务器)生成密钥
[root@yyx1 CA]# cd /usr/local/apache/conf/
[root@yyx1 conf]# mkdir ssl
[root@yyx1 conf]# cd ssl/
[root@yyx1 ssl]# (umask 077;openssl genrsa -out httpd.key 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
............................+++++
........................+++++
e is 65537 (0x010001)

客户端生成证书签署请求
[root@yyx1 ssl]# openssl req -new -key httpd.key -days 365 -out httpd.csr
Ignoring -days; not generating a certificate
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:QJ
Organization Name (eg, company) [Default Company Ltd]:666
Organizational Unit Name (eg, section) []:666
Common Name (eg, your name or your server's hostname) []:yyx.example.com
Email Address []:666@qq.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

CA签署客户端提交上来的证书
[root@yyx1 ssl]# openssl ca -in httpd.csr -out httpd.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Apr 17 17:58:32 2022 GMT
            Not After : Apr 17 17:58:32 2023 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = HB
            organizationName          = 666
            organizationalUnitName    = 666
            commonName                = yyx.example.com
            emailAddress              = 666@qq.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                AC:29:3A:5F:87:F2:8B:41:06:39:3C:81:CC:80:DE:0A:4B:B8:43:14
            X509v3 Authority Key Identifier: 
                keyid:B2:AD:BE:AE:4B:22:D6:48:BB:9C:A2:C8:84:FD:BE:F3:AF:55:D0:6F

Certificate is to be certified until Apr 17 17:58:32 2023 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

配置文件
[root@yyx1 ssl]# cd /usr/local/apache/conf/
[root@yyx1 conf]# vim httpd.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf //取消注释

[root@yyx1 conf]# vim extra/httpd-ssl.conf //修改以下内容
DocumentRoot "/usr/local/apache/htdocs/yyx.example.com"
ServerName yyx.example.com:443
ServerAdmin you@example.com
ErrorLog "/usr/local/apache/logs/error_log"
TransferLog "/usr/local/apache/logs/access_log"
SSLCertificateFile "/usr/local/apache/conf/ssl/httpd.crt"
SSLCertificateKeyFile "/usr/local/apache/conf/ssl/httpd.key"


6.过程中出现错误的解决方法

[root@yyx2 ~]# wget https://downloads.apache.org/apr/apr-1.7.0.tar.gz 
-bash: wget: command not found
//未安装wget

解决方法:
[root@yyx2 ~]# yum -y install wget
------------------------------------------------------------------
[root@yyx2 apr-1.7.0]# ./configure --prefix=/usr/local/apr 
configure: error: in `/root/apr-1.7.0':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
//未安装编译环境

解决方法:
[root@yyx2 apr-1.7.0]# yum -y install gcc gcc-c++
------------------------------------------------------------------
[root@yyx2 apr-1.7.0]# ./configure --prefix=/usr/local/apr 
config.status: executing libtool commands
rm: cannot remove 'libtoolT': No such file or directory
config.status: executing default commands
//未安装依赖包

解决方法:
[root@yyx2 apr-1.7.0]#yum -y install libtool-ltdl-devel
------------------------------------------------------------------
[root@yyx2 apr-1.7.0]# ./configure --prefix=/usr/local/apr
rm: cannot remove 'libtoolT': No such file or directory
config.status: executing default commands
config.status: include/apr.h is unchanged
config.status: include/arch/unix/apr_private.h is unchanged
//未修改配置文件

解决方法:
[root@yyx2 apr-1.7.0]# vim configure
    cfgfile=${ofile}T
    trap "$RM \"$cfgfile\"; exit 1" 1 2 15
   # $RM "$cfgfile" //找到这一行并且注释掉或者删除
------------------------------------------------------------------
[root@yyx2 apr-1.7.0]# make
-bash: make: command not found
//未安装make

解决方法:
[root@yyx2 apr-1.7.0]# yum -y install make
------------------------------------------------------------------
[root@yyx2 apr-util-1.6.1]# make
make: *** No targets specified and no makefile found.  Stop.
//没有执行前置命令

解决方法:
[root@yyx2 apr-1.7.0]# make install //进入apr里面安装 
[root@yyx2 apr-util-1.6.1]#  ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr //然后执行这个命令
------------------------------------------------------------------
ml/apr_xml.c:35:10: fatal error: expat.h: No such file or directory
 #include <expat.h>
          ^~~~~~~~~
compilation terminated.
make[1]: *** [/root/apr-util-1.6.1/build/rules.mk:206: xml/apr_xml.lo] Error 1
make[1]: Leaving directory '/root/apr-util-1.6.1'
make: *** [/root/apr-util-1.6.1/build/rules.mk:118: all-recursive] Error 1
//缺少依赖库

解决方法:
[root@yyx2 apr-util-1.6.1]# yum -y install expat-devel
------------------------------------------------------------------
configure: error: pcre(2)-config for libpcre not found. PCRE is required and available from http://pcre.org/
//缺少依赖库

解决方法:
[root@yyx2 httpd-2.4.53]# yum -y install pcre-devel
------------------------------------------------------------------
configure: WARNING: OpenSSL version is too old
no
checking whether to enable mod_ssl... configure: error: mod_ssl has been requested but can not be built due to prerequisite failures
//缺少依赖库

解决方法:
[root@yyx2 httpd-2.4.53]# yum -y install openssl-devel
------------------------------------------------------------------
collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:48: htpasswd] Error 1
make[2]: Leaving directory '/root/httpd-2.4.53/support'
make[1]: *** [/root/httpd-2.4.53/build/rules.mk:75: all-recursive] Error 1
make[1]: Leaving directory '/root/httpd-2.4.53/support'
make: *** [/root/httpd-2.4.53/build/rules.mk:75: all-recursive] Error 1
//缺少依赖库

解决方法:
[root@yyx2 httpd-2.4.53]#sudo make install
------------------------------------------------------------------

collect2: error: ld returned 1 exit status
make[2]: *** [Makefile:48: htpasswd] Error 1
make[2]: Leaving directory ‘/root/httpd-2.4.53/support’
make[1]: *** [/root/httpd-2.4.53/build/rules.mk:75: all-recursive] Error 1
make[1]: Leaving directory ‘/root/httpd-2.4.53/support’
make: *** [/root/httpd-2.4.53/build/rules.mk:75: all-recursive] Error 1
//缺少依赖库

解决方法:
[root@yyx2 httpd-2.4.53]#sudo make install


举报

相关推荐

0 条评论