一、上传文件
免费证书申请完成后,选择下载apache服务器证书
解压出来以后有三个文件:
1 2 3 | 1_root_bundle.crt 2_demo.com.crt 3_demo.com.key |
将1_root_bundle.crt文件上传到/opt/lampp/etc目录下
将2_demo.com.crt文件上传到/opt/lampp/etc/ssl.crt目录下
将3_demo.com.key文件上传到/opt/lampp/etc/ssl.key目录下
二、编辑httpd-ssl.conf文件
1 | vi /opt/lampp/etc/extra/httpd-ssl.conf |
找到
1 | <VirtualHost _default_:443> |
更改成以下
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 | # General setup for the virtual host DocumentRoot "/opt/lampp/htdocs" ServerName www.demo.com:443 ServerAdmin example@example.com ErrorLog "/opt/lampp/logs/error_log" TransferLog "/opt/lampp/logs/access_log" # SSL Engine Switch: # Enable/Disable SSL for this virtual host. # on即为开启ssl SSLEngine on # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a # pass phrase. Note that a kill -HUP will prompt again. Keep # in mind that if you have both an RSA and a DSA certificate you # can configure both in parallel (to also allow the use of DSA # ciphers, etc.) # Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt) # require an ECC certificate which can also be configured in # parallel. SSLCertificateFile "/opt/lampp/etc/ssl.crt/2_demo.com.crt" #SSLCertificateFile "/opt/lampp/etc/server-dsa.crt" #SSLCertificateFile "/opt/lampp/etc/server-ecc.crt" # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) # ECC keys, when in use, can also be configured in parallel SSLCertificateKeyFile "/opt/lampp/etc/ssl.key/3_demo.com.key" #SSLCertificateKeyFile "/opt/lampp/etc/server-dsa.key" #SSLCertificateKeyFile "/opt/lampp/etc/server-ecc.key" # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convenience. SSLCertificateChainFile "/opt/lampp/etc/1_root_bundle.crt" |
三、强制跳转到HTTPS(选做)
编辑httpd.conf文件
1 | vi /opt/lampp/etc/httpd.conf |
找到
1 | DocumentRoot "/opt/lampp/htdocs" |
更正为
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 | DocumentRoot "/opt/lampp/htdocs" <Directory "/opt/lampp/htdocs"> # # Possible values for the Options directive are "None", "All", # or any combination of: # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # # The Options directive is both complicated and important. Please see # http://httpd.apache.org/docs/trunk/mod/core.html#options # for more information. # #Options Indexes FollowSymLinks # XAMPP Options Indexes FollowSymLinks ExecCGI Includes # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # #AllowOverride None # since XAMPP 1.4: AllowOverride All # # Controls who can get stuff from this server. # Require all granted RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)?$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] |
四、重启xampp
1 | /opt/lampp/lampp restart |