Apache+SSL, PHP, and MySQL

国外的帖子，简单的英文
Apache+SSL, PHP, and MySQL
Updated: 12/10/2004
General Information
I'm sure many of you have been wondering how people host secure sites using Secure Sockets Layer (SSL). This guide will show you how to set up a web server with SSL, PHP, and MySQL support.
Requirements
In order for public access to your website, you must have a valid domain name.
A text editor (for this guide we will use Nano)
Installation
Section A -- Apache+mod_ssl
First thing we need to do is install the Apache web server. Currently there are two main versions available: 1.3.x and 2.0.x. I will be teaching from the 1.3x branch, but many of the steps are the same for 2.0.x. I will also make notes for those of you who choose to use the 2.0.x branch.
#cd /usr/ports/www/apache13-modssl
#make install distclean
Apache now gets started on system boot from rc.conf so let's add the respective entry:
# echo 'apache_enable="YES"' >> /etc/rc.conf
# echo 'apache_flags="-DSSL"' >> /etc/rc.conf
*Note for Apache2 users: You only need to install the apache2 port, but then you have to manually create the directories for the SSL Certificate and Key.
#cd /usr/ports/www/apache2
#make install distclean
#echo 'apache2_enable="YES"' >> /etc/rc.conf
#echo 'apache2_flags="-DSSL"' >> /etc/rc.conf
#mkdir /usr/local/etc/apache2/ssl.key
#mkdir /usr/local/etc/apache2/ssl.crt
#chmod 0700 /usr/local/etc/apache2/ssl.key
#chmod 0700 /usr/local/etc/apache2/ssl.crt
Section B -- MySQL:
#cd /usr/ports/databases/mysql40-server
#make install WITH_OPENSSL=yes distclean
Take a break while it downloads, compiles, and installs. It'll take about 45 minutes on a K6-2 350MHz.
Section C -- PHP:
#cd /usr/ports/www/mod_php4
#make install distclean
#cd /usr/ports/lang/php4-extensions
#make install distclean
Now, when you get to the PHP configuration screen, you just need to check the OpenSSL box and leave the rest of the default values alone, unless you plan on installing other applications, such as the IMP Webmail, that require other PHP modules. Time to take another break.
PHP should be installed by now. At the end of the installation, you will need to edit Apache's configuration file to add two lines after all the "LoadModule" lines for PHP support.
# nano -w /usr/local/etc/apache/httpd.conf
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
Configuration
Section A -- Create Certificate
It is now time to create your own certificate using the openssl utility. Now, you need to understand that one server can hold multiple certificates, but only one per listening IP address. So, if your server is listening on one IP address, you can only have one certificate for the server. All of your virtual domains can share the same certificate, but clients will get warning prompts when they connect to a secure site where the certificate does not match the domain name. If your server is listening on multiple IP addresses, your virtual hosts have to be IP-based -- not name-based. This is something to consider when creating your certificate.

标签：

版权申明：本站文章部分自网络，如有侵权，请联系：west999com@outlook.com
特别注意：本站所有转载文章言论不代表本站观点，本站所提供的摄影照片，插画，设计作品，如需使用，请与原作者联系，版权归原作者所有