Using virtual hosts and the SSL module
Configuring and using virtual hosts
Edit the virtual host configuration file
[root@YL conf.d]# vim httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/var/www/html/feiji"
ServerName www.feiji.com
ErrorLog "/var/log/httpd/www.feiji.com-error_log"
CustomLog "/var/log/httpd/www.feiji.com-access_log" common
</VirtualHost>
Listen 81
<VirtualHost *:81>
DocumentRoot "/var/www/html/tanke"
ServerName www.tanke.com
ErrorLog "/var/log/httpd/www.tanke.com-error_log"
CustomLog "/var/log/httpd/www.tanke.com-access_log" common
</VirtualHost>
Create the document root directories for the sites
[root@YL html]# mkdir feiji tanke
[root@YL feiji]# unzip feijiedazhan.zip
Archive: feijiedazhan.zip
[root@YL tanke]# unzip 坦克.zip
Archive: 坦克.zip
Restart httpd
[root@YL conf.d]# systemctl restart httpd
Check the listening ports
[root@YL conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:81 *:*
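Access the sites
Same address, different ports (only the virtual machine itself is denied access; every other client can reach the sites)
[root@YL ~]# curl http://192.168.124.128/feiji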
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>
[root@YL ~]# curl http://192.168.124.128:81/feiji
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>
Access from the physical machine
Different IPs, same port
<VirtualHost 192.168.124.127:80>
DocumentRoot "/var/www/html/feiji"
ServerName www.feiji.com
ErrorLog "/var/log/httpd/www.feiji.com-error_log"
CustomLog "/var/log/httpd/www.feiji.com-access_log" common
</VirtualHost>
<Directory "/var/www/html">
<RequireAll>
Require not ip 192.168.124.128
Require all granted
</RequireAll>
</Directory>
<VirtualHost 192.168.124.111:80>
DocumentRoot "/var/www/html/tanke"
ServerName www.tanke.com
ErrorLog "/var/log/httpd/www.tanke.com-error_log"
CustomLog "/var/log/httpd/www.tanke.com-access_log" common
</VirtualHost>
<Directory "/var/www/html/">
<RequireAll>
Require not ip 192.168.124.111
Require all granted
</RequireAll>
</Directory>
Same IP, same port, different domain names
<VirtualHost *:80>
DocumentRoot "/var/www/html/feiji"
ServerName www.feiji.com
ErrorLog "/var/log/httpd/www.feiji.com-error_log"
CustomLog "/var/log/httpd/www.feiji.com-access_log" common
</VirtualHost>
<Directory "/var/www/html">
<RequireAll>
Require not ip 192.168.124.128
Require all granted
</RequireAll>
</Directory>
<VirtualHost *:80>
DocumentRoot "/var/www/html/tanke"
ServerName www.tanke.com
ErrorLog "/var/log/httpd/www.tanke.com-error_log"
CustomLog "/var/log/httpd/www.tanke.com-access_log" common
</VirtualHost>
<Directory "/var/www/html/">
<RequireAll>
Require not ip 192.168.124.111
Require all granted
</RequireAll>
</Directory>
Set up the hostname mapping (hosts file entry)
192.168.124.128 www.feiji.com www.tanke.com
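
The two `<Directory>` blocks above target the same path, and with httpd's default `AuthMerging Off` the later block's `Require` rules replace the earlier block's rather than adding to them. The lint below is an added example, not part of the original post: `directory_require_blocks` and `shadowed_rules` are hypothetical helper names, the sample is constructed from the page's config, and it assumes all blocks sit at the same scope with no `AuthMerging` directive set.

```python
import re

# Constructed sample: the two <Directory> blocks from the name-based vhost
# config on this page (the <VirtualHost> blocks are omitted for brevity).
SAMPLE_CONF = '''
<Directory "/var/www/html">
<RequireAll>
Require not ip 192.168.124.128
Require all granted
</RequireAll>
</Directory>
<Directory "/var/www/html/">
<RequireAll>
Require not ip 192.168.124.111
Require all granted
</RequireAll>
</Directory>
'''

def directory_require_blocks(conf):
    """Return {normalized path: [Require lines of each <Directory> block, in file order]}."""
    blocks, current = {}, None
    for raw in conf.splitlines():
        line = raw.strip()
        opened = re.match(r'<Directory\s+"?([^">]+)"?\s*>', line, re.I)
        if opened:
            path = opened.group(1).rstrip("/") or "/"  # /x and /x/ name the same directory
            current = []
            blocks.setdefault(path, []).append(current)
        elif re.match(r'</Directory>', line, re.I):
            current = None
        elif current is not None and re.match(r'Require\s', line, re.I):
            current.append(line)
    return blocks

def shadowed_rules(conf):
    """For paths configured more than once, report the winning rules and the ones lost."""
    report = {}
    for path, rule_sets in directory_require_blocks(conf).items():
        with_rules = [r for r in rule_sets if r]
        if len(with_rules) > 1:
            last = with_rules[-1]  # assumption: default AuthMerging Off, last block wins
            lost = [r for rs in with_rules[:-1] for r in rs if r not in last]
            report[path] = {"effective": last, "lost": lost}
    return report

if __name__ == "__main__":
    for path, info in shadowed_rules(SAMPLE_CONF).items():
        print(path, "effective:", info["effective"], "lost:", info["lost"])
```

To deny both addresses, put both `Require not ip` lines in a single `<Directory>` block.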
Install the SSL module
[root@YL html]# yum -y install mod_ssl
Last metadata expiration check: 2:07:11 ago on Sat 23 Jul 2022 06:02:55 PM CST.
Dependencies resolved.
=============================================================================
Package Arch Version Repo Size
=============================================================================
Installing:
Check the SSL port
[root@YL html]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:443 *:*
LISTEN 0 128 *:80 *:*
Generate the key
[root@YL CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
...................+++++
................................+++++
e is 65537 (0x010001)
[root@YL CA]#
Change the SSL certificate and key paths
[root@YL conf.d]# vim ssl.conf
SSLCertificateFile /etc/httpd/ssl/httpd.crt
SSLCertificateKeyFile /etc/httpd/ssl/httpd.key
Assign the specified certificate to the www.feiji.com site
[root@YL conf.d]# vim ssl.conf
DocumentRoot "/var/www/html/feiji"
ServerName www.feiji.com:443
Check that port 443 is listening
[root@YL conf.d]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:443 *:*
LISTEN 0 128 *:80 *:*
The SSL module installation is complete
https://www.feiji.com/