1. 필요패키지 설치 (openssl과 mod_ssl이 필요하나 6.4 이후 버전은 openssl이 설치되어있어 mod_ssl만 설치)

yum -y install mod_ssl

2. self-signed certificate 및 개인 키 생성 (openssl을 이용한 self-signed certificate생성)

openssl genrsa -out ca.key 1024



3. CSR (Certificate Signing Request) 생성 / Common Name의 경우 추후 conf파일 설정에 필요

[root@localhost ~]# openssl genrsa -out ca.key 1024

Generating RSA private key, 1024 bit long modulus

.............++++++

.......................................++++++

e is 65537 (0x10001)

[root@localhost ~]# openssl req -new -key ca.key -out ca.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter ".", the field will be left blank.

-----

Country Name (2 letter code) [XX]:82

State or Province Name (full name) []:korea

Locality Name (eg, city) [Default City]:Seoul

Organization Name (eg, company) [Default Company Ltd]:ehost

Organizational Unit Name (eg, section) []:park

Common Name (eg, your name or your server"s hostname) []:web02

Email Address []:*********@*******.net


Please enter the following "extra" attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

4. self signed key 생성

openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt



5. 생성된 파일 복사

[root@localhost ~]# cp ca.crt /etc/pki/tls/certs

[root@localhost ~]# cp ca.key /etc/pki/tls/private/ca.key

[root@localhost ~]# cp ca.csr /etc/pki/tls/private/ca.csr



6. SSL conf파일 수정

[root@localhost ~]# vi /etc/httpd/conf.d/ssl.conf



7. config 파일 내 virtualhost 추가

vi /etc/httpd/conf/httpd.conf

8. 443포트 추가 및 데몬 재시작

[root@localhost ~]# vi /etc/sysconfig/iptables

-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT <-추가

wq!

[root@localhost ~]# service iptables restart

iptables: Setting chains to policy ACCEPT: filter [ OK ]

iptables: Flushing firewall rules: [ OK ]

iptables: Unloading modules: [ OK ]

iptables: Applying firewall rules: [ OK ]

[root@localhost ~]# service httpd restart

Stopping httpd: [ OK ]

Starting httpd: [ OK ]






https://www.aiocp.co.kr/ ( 딥러닝,머신러닝 서버 판매 ,컨설팅) https://bigbangcloud.co.kr/ ( GPU 클라우드 서비스) ::: AI 서버의 모든것 ::: 인공지능의 시작~ (주)이호스트ICT
ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
ÀÌ°ÍÀ» ¼­¹ö¿¡ Àû¿ëÇϸé
½±°Ô ssl ¼­ºñ½º°¡ °¡´ÉÇϳª¿ä?¤¾¤¾


PDS
Á¦¸ñPage 24/77
2014-05   5028350   Á¤ÀºÁØ1
2015-12   1564953   ¹é¸Þ°¡
2019-08   5008   ÇãÀα¸¸¶Æ¾
2019-08   8335   µö·¯´×¼­¹ö
2019-08   5373   µö·¯´×¼­¹ö
2019-08   4707   µö·¯´×¼­¹ö
2019-08   12899   µö·¯´×¼­¹ö
2019-08   5580   µö·¯´×¼­¹ö
2019-08   5131   »ßµ¹À̽½ÇÄÀÌ
2019-08   22736   FOXBI
2019-07   4797   µö·¯´×¼­¹ö
2019-07   4433   µö·¯´×¼­¹ö
2019-07   4137   µö·¯´×¼­¹ö
2019-07   11854   µö·¯´×¼­¹ö
2019-07   5154   µö·¯´×¼­¹ö
2019-07   5132   µö·¯´×¼­¹ö
2019-07   5010   µö·¯´×¼­¹ö
2019-07   5029   ±èȲÁß
2019-07   5724   µö·¯´×¼­¹ö
2019-07   5675   µö·¯´×¼­¹ö
2019-07   8024   µö·¯´×¼­¹ö
2019-07   6678   µö·¯´×¼­¹ö