2013 年 7 月 – Linux Cache

下载证书压缩包包含CA根证书和服务器证书

用于证书请求的key文件

编辑apache配置文件

[root@pfx ~]# cd /usr/local/apache/conf/
[root@pfx conf]# vi httpd.conf

[root@pfx conf]# cd extra/
[root@pfx extra]# vi httpd-ssl.conf

服务器证书
SSLCertificateFile “/usr/local/apache/conf/server.crt”
#SSLCertificateFile “/usr/local/apache/conf/server-dsa.crt”

SSLCertificateFile “/usr/local/apache/conf/sample.com.crt”

服务器私钥KEY文件
SSLCertificateKeyFile “/usr/local/apache/conf/server.key”
#SSLCertificateKeyFile “/usr/local/apache/conf/server-dsa.key”

SSLCertificateKeyFile “/usr/local/apache/conf/sample.com.key”

重启Apache

检测语法
[root@pfx extra]# apachectl -t
Syntax error on line 56 of /usr/local/apache/conf/extra/httpd-ssl.conf:
Invalid command ‘SSLPassPhraseDialog’, perhaps misspelled or defined by a module not included in the server configuration
[root@pfx extra]#

查看是否加载mod_ssl模块
[root@pfx extra]# apachectl -l |grep ssl
[root@pfx extra]#

查看apache有关ssl的编译参数
[root@pfx httpd-2.2.24]# ./configure –help |grep ssl
–enable-ssl SSL/TLS support (mod_ssl)
–enable-distcache Select distcache support in mod_ssl
–with-sslport=SSLPORT Port on which to securelisten (default is 443)
–with-sslc=DIR RSA SSL-C SSL/TLS toolkit
–with-ssl=DIR OpenSSL SSL/TLS toolkit
[root@pfx httpd-2.2.24]#

查看当前版本apache的安装编译参数

重新编译安装Apache

[root@pfx httpd-2.2.24]# ./configure –prefix=/usr/local/apache \
> –enable-so –enable-rewrite –enable-ssl
[root@pfx httpd-2.2.24]# make

[root@pfx httpd-2.2.24]# make install

[root@pfx httpd-2.2.24]# /usr/local/apache2/bin/apachectl -l |grep ssl
mod_ssl.c
[root@pfx httpd-2.2.24]#
[root@pfx httpd-2.2.24]# netstat -lutn |grep 80
tcp 0 0 :::80 :::* LISTEN
[root@pfx httpd-2.2.24]#
[root@pfx httpd-2.2.24]# apachectl stop
[root@pfx httpd-2.2.24]# mv /usr/local/apache/ /usr/local/apache2

—————————————————
Listen 80

LoadModule php5_module modules/libphp5.so

User apache
Group apache
ServerName 192.168.197.15:80

DirectoryIndex index.html index.php

AddType application/x-httpd-php .php

Alias /pa “/usr/local/postfixadmin”

<Directory “/usr/local/postfixadmin”>
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
—————————————————
[root@pfx extra]# apachectl start
Apache/2.2.24 mod_ssl/2.2.24 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server www.example.com:443 (RSA)
Enter pass phrase:

OK: Pass Phrase Dialog successful.
[root@pfx extra]#
强制SSL

RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R,L]

[root@pfx conf]# apachectl stop
[root@pfx conf]# apachectl start
Apache/2.2.24 mod_ssl/2.2.24 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server www.example.com:443 (RSA)
Enter pass phrase:

OK: Pass Phrase Dialog successful.
[root@pfx conf]#

直接重定向到mail.linuxcache.com
RewriteEngine On
RewriteRule ^(.*)$ https://mail.linuxcache.com/$1 [R,L]

……

CentOS6.3最小化系统安装PHP Apache MySQL基本运行环境

[root@localhost ~]# yum install httpd mysql-server php php-mysql php-pdo

安装包与依赖包及其版本信息

Installed:
httpd.i686 0:2.2.15-28.el6.centos mysql-server.i686 0:5.1.69-1.el6_4
php.i686 0:5.3.3-23.el6_4 php-mysql.i686 0:5.3.3-23.el6_4
php-pdo.i686 0:5.3.3-23.el6_4

Dependency Installed:
apr.i686 0:1.3.9-5.el6_2
apr-util.i686 0:1.3.9-3.el6_0.1
apr-util-ldap.i686 0:1.3.9-3.el6_0.1
httpd-tools.i686 0:2.2.15-28.el6.centos
mailcap.noarch 0:2.1.31-2.el6
mysql.i686 0:5.1.69-1.el6_4
mysql-libs.i686 0:5.1.69-1.el6_4
perl.i686 4:5.10.1-131.el6_4
perl-DBD-MySQL.i686 0:4.013-3.el6
perl-DBI.i686 0:1.609-4.el6
perl-Module-Pluggable.i686 1:3.90-131.el6_4
perl-Pod-Escapes.i686 1:1.04-131.el6_4
perl-Pod-Simple.i686 1:3.13-131.el6_4
perl-libs.i686 4:5.10.1-131.el6_4
perl-version.i686 3:0.77-131.el6_4
php-cli.i686 0:5.3.3-23.el6_4
php-common.i686 0:5.3.3-23.el6_4

解压缩并查看目录

[root@localhost ~]# mv phpMyAdmin-4.0.4.1-all-languages /var/www/html/pma

[root@localhost ~]# cd /var/www/html/pma/

[root@localhost pma]# cp config.sample.inc.php config.inc.php

安装mbstring扩展

[root@localhost pma]# yum install php-mbstring
[root@localhost pma]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@localhost pma]#

未安装mbsting扩展时使用浏览器访问phpmyadmin的错误信息及Apache错误日志信息

HTTP Error 500 (Internal Server Error): An unexpected condition was encountered while the server was attempting to fulfill the request.

[Mon Jul 01 12:00:56 2013] [error] [client 192.168.1.24] PHP Fatal error: Call to undefined function mb_detect_encoding() in /var/www/html/pma/libraries/php-gettext/gettext.inc on line 177

安装mcrypt扩展

[root@localhost pma]# yum install php-mcrypt
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
* base: mirrors.btte.net
* extras: ftp.stu.edu.tw
* updates: mirrors.btte.net
Setting up Install Process
No package php-mcrypt available.
Error: Nothing to do
[root@localhost pma]#

下载并安装EPEL

[root@localhost pma]# yum install wget

https://fedoraproject.org/wiki/EPEL
[root@localhost ~]# wget http://mirrors.yun-idc.com/epel/6/i386/epel-release-6-8.noarch.rpm

[root@localhost ~]# rpm -lpq epel-release-6-8.noarch.rpm
warning: epel-release-6-8.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
/etc/rpm/macros.ghc-srpm
/etc/yum.repos.d/epel-testing.repo
/etc/yum.repos.d/epel.repo
/usr/share/doc/epel-release-6
/usr/share/doc/epel-release-6/GPL
[root@localhost ~]#

使用EPEL更新源安装php-mcrypt扩展包

[root@localhost ~]# yum install php-mcrypt

重启Apache服务器

[root@localhost ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@localhost ~]#