在apache服务器上如何部署免费的ssl证书

在阿里云上可以申请免费的ssl证书，证书签发通过之后，下载Apache对应的证书文件。

通过解压后，包含三个文件,证书文件domain name_public.crt,证书链文件domain name_chain.crt,证书密钥文件domain name.key。

证书具体部署如下：

1.创建证书存放目录cert

mkdir /etc/httpd/cert

2.拷贝证书到cert

cp -rf 证书 /etc/httpd

3.给文件或目录添加apache权限

chown apache.apache /etc/httpd/cert/证书

4.查看证书权限

ll /etc/httpd/cert/证书

5.安装mode_ssl模块

yum -y install mod_ssl

6.配置虚拟主机80,443

vim /etc/httpd/conf.d/域名.conf

<VirtualHost *:80>
        ServerName www.域名
        ServerAlias 域名

        RewriteEngine on
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
</VirtualHost>

<VirtualHost *:443>
        ServerName www.域名
        ServerAlias 域名
        DocumentRoot "/var/www/xiaoma"
        CustomLog "logs/域名_access_log" combined
        ErrorLog "logs/域名_error_log"

        SSLEngine on
        SSLCertificateFile /etc/httpd/cert/xxx_public.crt
        SSLCertificateKeyFile /etc/httpd/cert/xxx.key
        SSLCertificateChainFile /etc/httpd/cert/xxx_chain.crt
</VirtualHost>

<Directory "/var/www/xiaoma">
        AllowOverride All
        Require all granted
</Directory>

7.重启apache

systemctl restart httpd

8.安全组配置443

9.打开网站测试