Home > 網路管理 > ZeroSSL SSL 安全憑證 及 Apache 安裝憑證

ZeroSSL SSL 安全憑證 及 Apache 安裝憑證

一、ZeroSSL SSL 安全憑證

官方網站 https://zerossl.com/

參考文件:https://www.minwt.com/website/22495.html

1.Enter Domains

2.Validity 90-Day Certificate

3.Auto-Generate CSR

4.Verify Domain 使用HTTP upload

5.Install Certificate

Your certificate has been issued and is ready for installation. To continue, please follow the steps below.

二、Apache 安裝憑證

https://medium.com/feveral的程式筆記/apache-安裝-https-教學-dd022e2be7b4

1.安裝 mod_ssl

yum install mod_ssl

2-1.Installing SSL Certificate on Apache

https://help.zerossl.com/hc/en-us/articles/360058295854-Installing-SSL-Certificate-on-Apache

After downloading your certificate, you should have a ZIP containing the following certificate files:

  • certificate.crt
  • ca_bundle.crt
  • private.key

2-2.

  1. Upload Certificate to ServerFirst, copy your certificate files to the directory where you keep your certificate and key files. Typically, this directory is /etc/ssl/ for your certificate.crt and ca_bundle.crt files, and /etc/ssl/private/ for your private.key file.
  2. Locate Configuration FileNext, you will need to find the Apache configuration file on your server. Depending on the server and OS version you are running on, the configuration file is stored in different directories. Typically, you could search the directories etc/httpd//etc/apache2/ or /etc/httpd/conf.d/ssl.conf for files named httpd.confapache2.conf or ssl.conf.
  3. Configure Virtual HostOnce the Apache configuration file is located, you will need to configure the virtual host section of your website. Before you do so, please make sure to create a backup of your current *.conf file. This way, you will be able to undo any changes in case something goes wrong.

2-3. vi /etc/httpd/conf.d/ssl.conf

ServerAdmin   admin@domain.com
DocumentRoot  /var/www/
ServerName    www.domain.com
ErrorLog      /www/home/logs/error_log
SSLEngine                on
SSLCertificateFile       /etc/ssl/certificate.crt
SSLCertificateKeyFile    /etc/ssl/private.key
SSLCertificateChainFile  /etc/ssl/ca_bundle.crt

2-4.Save & Restart the server

systemctl stop httpd
systemctl start httpd
systemctl status httpd

三、完成驗証