{"id":36513,"date":"2023-02-14T02:20:57","date_gmt":"2023-01-17T06:18:24","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/"},"modified":"2024-04-29T14:31:17","modified_gmt":"2024-04-29T06:31:17","slug":"apache2-%e6%94%af%e6%8c%81-ssl","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/","title":{"rendered":"Apache2 \u652f\u6301 SSL"},"content":{"rendered":"<h1>Apache\u7684\u51c6\u5907<\/h1>\n<pre class=\"post-pre\"><code>$ sudo a2enmod ssl rewrite\r\n$ sudo a2ensite default-ssl\r\n$ sudo systemctl restart apache2\r\n$ nmap localhost\r\n\r\nStarting Nmap 7.80 ( https:\/\/nmap.org ) at 2020-09-18 21:00 JST\r\nNmap scan report for localhost (127.0.0.1)\r\nHost is up (0.000064s latency).\r\nNot shown: 995 closed ports\r\nPORT     STATE SERVICE\r\n80\/tcp   open  http\r\n443\/tcp  open  https\r\n<\/code><\/pre>\n<p>\u9010\u6b65\u89e3\u91ca\u4ee5\u4e0b\u4e8b\u9879\uff1a<br \/>\n1. \u5e94\u7528SSL\u901a\u4fe1\u6a21\u5757\u548c\u91cd\u5b9a\u5411\u6a21\u5757<br \/>\n2. \u542f\u7528SSL\u914d\u7f6e\u6587\u4ef6<br \/>\n3. \u91cd\u542fApache2\u670d\u52a1\u5668<br \/>\n4. \u68c0\u67e5SSL\u901a\u4fe1\u662f\u5426\u6b63\u5e38<\/p>\n<p>\u786e\u8ba4\u901a\u8fc7[\u670d\u52a1\u5668IP]\u8bbf\u95ee\uff0c\u786e\u4fddindex.html\u9875\u9762\u80fd\u591f\u663e\u793a\u3002<\/p>\n<h2>\u5982\u679c\u6ca1\u6709\u663e\u793a\u3002<\/h2>\n<p>sudo ufw status\u3067443\u30dd\u30fc\u30c8\u304c\u958b\u653e\u3055\u308c\u3066\u3044\u308b\u304b\u78ba\u8a8d\u3059\u308b<br \/>\n\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u30eb\u30fc\u30c8\u3092\u5909\u66f4\u3057\u3066\u3044\u306a\u3044\u304b\u78ba\u8a8d\u3059\u308b<\/p>\n<p>\u5909\u66f4\u3057\u3066\u3044\u308b\u5834\u5408\u306fdefault-ssl.conf\u306e\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u30eb\u30fc\u30c8\u3092\u4fee\u6b63\u3059\u308b<\/p>\n<h1>\u83b7\u53d6\u670d\u52a1\u5668\u8bc1\u4e66<\/h1>\n<p>\u5728\u8fd9\u91cc\uff0c\u53ef\u4ee5\u4f7f\u7528Let&#8217;s Encrypt\u7684\u7f51\u7ad9\u83b7\u53d6\u514d\u8d39\u7684\u670d\u52a1\u5668\u8bc1\u4e66\u6765\u4f7f\u7528\u3002<\/p>\n<pre class=\"post-pre\"><code># apt install -y certbot openssl\r\n# certbot certonly --webroot -w [\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u30eb\u30fc\u30c8] -d [\u30c9\u30e1\u30a4\u30f3\u540d]\r\n<\/code><\/pre>\n<p>\u6211\u5011\u5c07\u4f9d\u6b21\u9032\u884c\u4ee5\u4e0b\u5404\u884c\u7684\u89e3\u91cb\uff1a<br \/>\n1. \u5b89\u88ddcertbot\uff08\u7528\u65bcLet&#8217;s Encrypt\uff09\u548copenssl\uff08\u7528\u65bcOpenSSL\uff09\u3002<br \/>\n2. \u4f7f\u7528certbot\u7372\u53d6\u4f3a\u670d\u5668\u6191\u8b49\u3002<\/p>\n<p>\u4ee5\u4e0b\u662f\u4f7f\u7528 certbot certonly &#8211;webroot -w [\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u30eb\u30fc\u30c8] -d [\u30c9\u30e1\u30a4\u30f3\u540d] \u547d\u4ee4\u65f6\u6240\u9700\u8f93\u5165\u4fe1\u606f\u7684\u8bf4\u660e\uff1a<\/p>\n<p>1. \u8f93\u5165\u8054\u7cfb\u90ae\u7bb1\u5730\u5740<br \/>\n2. \u540c\u610f\u89c4\u5b9a\u6761\u6b3e<br \/>\n3. \u6ce8\u518c\u90ae\u4ef6\u5217\u8868<\/p>\n<h2>\u8bf7\u786e\u8ba4\u6587\u4ef6\u5df2\u521b\u5efa\u3002<\/h2>\n<pre class=\"post-pre\"><code># ls -l\r\n\u5408\u8a08 4\r\n-rw-r--r-- 1 root root 692  9\u6708 18 18:48 README\r\nlrwxrwxrwx 1 root root  37  9\u6708 18 18:50 cert.pem -&gt; ..\/..\/archive\/disk.mydns.jp\/cert2.pem\r\nlrwxrwxrwx 1 root root  38  9\u6708 18 18:50 chain.pem -&gt; ..\/..\/archive\/disk.mydns.jp\/chain2.pem\r\nlrwxrwxrwx 1 root root  42  9\u6708 18 18:50 fullchain.pem -&gt; ..\/..\/archive\/disk.mydns.jp\/fullchain2.pem\r\nlrwxrwxrwx 1 root root  40  9\u6708 18 18:50 privkey.pem -&gt; ..\/..\/archive\/disk.mydns.jp\/privkey2.pem\r\n<\/code><\/pre>\n<h1>Apache2\u7684\u914d\u7f6e<\/h1>\n<h2>\u5e94\u7528SSL\u8bc1\u4e66<\/h2>\n<pre class=\"post-pre\"><code>32 SSLCertificateFile      \/etc\/letsencrypt\/live\/disk.mydns.jp\/cert.pem\r\n33 SSLCertificateKeyFile \/etc\/letsencrypt\/live\/disk.mydns.jp\/privkey.pem\r\n34 SSLCertificateChainFile \/etc\/letsencrypt\/live\/disk.mydns.jp\/chain.pem\r\n<\/code><\/pre>\n<p>\u8bf7\u786e\u8ba4\u6839\u636e\u4e0a\u8ff0\u5185\u5bb9\u5bf9\u6bcf\u4e00\u884c\u8fdb\u884c\u66f4\u6539\u3002<br \/>\n\u8bf7\u8bbf\u95eehttps:\/\/[\u670d\u52a1\u5668IP]\u4ee5\u786e\u8ba4index.html\u9875\u9762\u662f\u5426\u663e\u793a\u3002<\/p>\n<h2>\u5c06HTTP\u91cd\u5b9a\u5411\u5230HTTPS<\/h2>\n<pre class=\"post-pre\"><code>RewriteEngine on\r\nRewriteCond %{HTTP_HOST} ^[\u30c9\u30e1\u30a4\u30f3\u540d]\r\nRewriteRule ^\/(.*)$ https:\/\/[\u30c9\u30e1\u30a4\u30f3\u540d]\/$1 [R=301,L]\r\n<\/code><\/pre>\n<p>\u901a\u8fc7\u6dfb\u52a0\u4e0a\u8ff0\u5185\u5bb9\uff0c\u53ef\u4ee5\u786e\u4fdd\u5c06\u9875\u9762\u91cd\u5b9a\u5411\u5230HTTPS\u3002<\/p>\n<h1>\u8ba9\u6211\u4eec\u81ea\u52a8\u66f4\u65b0Let&#8217;s Encrypt\u8bc1\u4e66\u3002<\/h1>\n<pre class=\"post-pre\"><code>* * * \/10 * * root certbot renew\r\n<\/code><\/pre>\n<p>\u5982\u679c\u6bcf10\u5929\u8fdb\u884c\u786e\u8ba4\uff0c\u8bf7\u6309\u7167\u4e0a\u8ff0\u65b9\u5f0f\u8fdb\u884c\u8ffd\u52a0\u3002<\/p>\n<h1>\u5e94\u7528\u8bbe\u7f6e\u5e76\u786e\u8ba4\u3002<\/h1>\n<pre class=\"post-pre\"><code>$ sudo systemctl restart apache2\r\n$ sudo systemctl status apache2\r\n\u25cf apache2.service - The Apache HTTP Server\r\n     Loaded: loaded (\/lib\/systemd\/system\/apache2.service; enabled; vendor preset: enabled)\r\n     Active: active (running) since Fri 2020-09-18 19:17:30 JST; 2h 40min ago\r\n       Docs: https:\/\/httpd.apache.org\/docs\/2.4\/\r\n    Process: 13140 ExecStart=\/usr\/sbin\/apachectl start (code=exited, status=0\/SUCCESS)\r\n   Main PID: 13159 (apache2)\r\n      Tasks: 8 (limit: 9388)\r\n     Memory: 15.4M\r\n     CGroup: \/system.slice\/apache2.service\r\n             \u251c\u250013159 \/usr\/sbin\/apache2 -k start\r\n             \u251c\u250013160 \/usr\/sbin\/apache2 -k start\r\n             \u251c\u250013161 \/usr\/sbin\/apache2 -k start\r\n             \u251c\u250013162 \/usr\/sbin\/apache2 -k start\r\n             \u251c\u250013163 \/usr\/sbin\/apache2 -k start\r\n             \u251c\u250013164 \/usr\/sbin\/apache2 -k start\r\n             \u251c\u250013168 \/usr\/sbin\/apache2 -k start\r\n             \u2514\u250013234 \/usr\/sbin\/apache2 -k start\r\n\r\n 9\u6708 18 19:17:30 hostname systemd[1]: Starting The Apache HTTP Server...\r\n 9\u6708 18 19:17:30 hostname systemd[1]: Started The Apache HTTP Server.\r\n<\/code><\/pre>\n<p>\u5982\u679c\u6309\u7167\u4e0a\u8ff0\u7684\u65b9\u5f0f\u64cd\u4f5c\uff0c\u6210\u529f\u7684\u8bdd\u5219\u53ea\u9700\u8bbf\u95eehttps:\/\/[\u57df\u540d]\u548chttp:\/\/[\u57df\u540d]\uff0c\u5e76\u786e\u8ba4\u4e24\u8005\u90fd\u80fd\u591f\u8fde\u63a5\u5230https:\/\/[\u57df\u540d]\uff0c\u90a3\u4e48\u5c31\u53ef\u4ee5\u4e86\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apache\u7684\u51c6\u5907 $ sudo a2enmod ssl rewrite $ sudo a2ensite de [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-36513","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Apache2 \u652f\u6301 SSL - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/apache2-\u652f\u6301-ssl\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apache2 \u652f\u6301 SSL\" \/>\n<meta property=\"og:description\" content=\"Apache\u7684\u51c6\u5907 $ sudo a2enmod ssl rewrite $ sudo a2ensite de [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/apache2-\u652f\u6301-ssl\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-17T06:18:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-29T06:31:17+00:00\" \/>\n<meta name=\"author\" content=\"\u6e05, \u626c\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u6e05, \u626c\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/\",\"name\":\"Apache2 \u652f\u6301 SSL - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-01-17T06:18:24+00:00\",\"dateModified\":\"2024-04-29T06:31:17+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/cb5556d2501da73d864cac945e8d9461\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apache2 \u652f\u6301 SSL\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/cb5556d2501da73d864cac945e8d9461\",\"name\":\"\u6e05, \u626c\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/32a4239de8ff29adace466261d309424a1e5fe9f7e3036bf89fe03f2e3dbe717?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/32a4239de8ff29adace466261d309424a1e5fe9f7e3036bf89fe03f2e3dbe717?s=96&d=mm&r=g\",\"caption\":\"\u6e05, \u626c\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/qingyang\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Apache2 \u652f\u6301 SSL - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-\u652f\u6301-ssl\/","og_locale":"zh_CN","og_type":"article","og_title":"Apache2 \u652f\u6301 SSL","og_description":"Apache\u7684\u51c6\u5907 $ sudo a2enmod ssl rewrite $ sudo a2ensite de [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-\u652f\u6301-ssl\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-01-17T06:18:24+00:00","article_modified_time":"2024-04-29T06:31:17+00:00","author":"\u6e05, \u626c","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u6e05, \u626c","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"2 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/","name":"Apache2 \u652f\u6301 SSL - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-01-17T06:18:24+00:00","dateModified":"2024-04-29T06:31:17+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/cb5556d2501da73d864cac945e8d9461"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"Apache2 \u652f\u6301 SSL"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/cb5556d2501da73d864cac945e8d9461","name":"\u6e05, \u626c","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/32a4239de8ff29adace466261d309424a1e5fe9f7e3036bf89fe03f2e3dbe717?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/32a4239de8ff29adace466261d309424a1e5fe9f7e3036bf89fe03f2e3dbe717?s=96&d=mm&r=g","caption":"\u6e05, \u626c"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/qingyang\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/apache2-%e6%94%af%e6%8c%81-ssl\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/36513","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=36513"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/36513\/revisions"}],"predecessor-version":[{"id":85836,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/36513\/revisions\/85836"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=36513"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=36513"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=36513"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}