如何安装配置Oracle Linux 9.x httpd环境?

Apache

1 前言

一个问题,一篇文章,一出故事。
本章将完成Oracle Linux 9.x的httpd服务安装和基本配置。

2 最佳实践

2.1 安装软件包

dnf install -y httpd mod_ssl

2.2 删除默认SSL虚拟主机配置

cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.default
sed -i '/\<VirtualHost _default_:443\>/,/\<\/VirtualHost\>/d' /etc/httpd/conf.d/ssl.conf

以上配置可以避免如下错误提示,

AH00526: Syntax error on line 85 of /etc/httpd/conf.d/ssl.conf:
SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty

2.3 修改默认的服务器名称

cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.default
sed -i "s/\#ServerName www.example.com\:80/ServerName localhost\:80/g" /etc/httpd/conf/httpd.conf

以上配置可以避免如下警告提示,

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using ::1. Set the 'ServerName' directive globally to suppress this message

2.4 启动服务并设置自启动

httpd -t
systemctl start httpd
systemctl enable httpd

启动完成后,你可以使用如下命令确认服务的状态,

systemctl status httpd

2.5 配置虚拟主机

vim /etc/httpd/conf.d/www.cmdschool.org.conf

加入如下配置,

<VirtualHost *:443>
        DocumentRoot /var/www/www.cmdschool.org
        ServerName www.cmdschool.org
        ServerAlias cmdschool.org

        SSLEngine on
        SSLProtocol all -SSLv2
        SSLCipherSuite DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES
        SSLCertificateFile /etc/httpd/www.cmdschool.org.crt
        SSLCertificateKeyFile /etc/httpd/www.cmdschool.org.key
        SSLCertificateChainFile /etc/httpd/root_bundle.crt
</VirtualHost>

<VirtualHost *:80>
        DocumentRoot /var/www/www.cmdschool.org
        ServerName www.cmdschool.org
        ServerAlias cmdschool.org
        RewriteEngine on
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule ^/?(.*)$ https://%{SERVER_NAME}/$1 [L,R]
</VirtualHost>

<Directory /var/www/www.cmdschool.org>
  Require all granted
</Directory>

根据配置文件的需求,你需要手动创建如下目录,

mkdir -p /var/www/www.cmdschool.org

根据配置文件的需求,你需要使用如下命令部署证书文件,

cp www.cmdschool.org.crt /etc/httpd/www.cmdschool.org.crt
cp www.cmdschool.org.key /etc/httpd/www.cmdschool.org.key
cp root_bundle.crt /etc/httpd/root_bundle.crt

证书请自行准备,笔者建议你申请权威的腾讯云证书,使用申请Apache的格式证书即可,
https://cloud.tencent.com/product/ssl
配置修改后,你需要使用如下命令检测语法并重载使服务生效,

httpd -t
systemctl reload httpd

根基配置的要求,你可能需要开放如下服务,

firewall-cmd --permanent --add-service http --add-service https
firewall-cmd --reload
firewall-cmd --list-all
没有评论

发表回复

Apache
如何安装配置Oracle Linux 9.x httpd+php环境?

1 前言 一个问题,一篇文章,一出故事。 本章将完成Oracle Linux 9.x的Apache+ …

Apache
如何配置Apache httpd的php fcgi?

1 前言 一个问题,一篇文章,一出故事。 笔者今天尝试Apache httpd使用fcgi的方式与p …

Apache
如何修复unknown type name ‘my_bool错误?

1 前言 一个问题,一篇文章,一出故事。 笔者在比较新的操作系统(Oracle Linux Serv …