개발

리눅스 보안서버 https 사용하기

애바른 2007. 11. 6. 10:53

Step-by-step installation illustration

Here is a 15 minute procedure to setup an SSL-aware Apache test-only webserver under /usr/local/apache/ (for the complete detailed installation step-by-step list please read the INSTALL file):
  1. Fetch and extract the distributions of Apache, mod_ssl and OpenSSL 

    $ lynx http://httpd.apache.org/dist/httpd/apache_1.3.37.tar.gz
$ lynx ftp://ftp.modssl.org/source/mod_ssl-2.8.28-1.3.37.tar.gz
$ lynx ftp://ftp.openssl.org/source/openssl-0.9.8b.tar.gz
$ gzip -d -c apache_1.3.37.tar.gz | tar xvf -
$ gzip -d -c mod_ssl-2.8.28-1.3.37.tar.gz | tar xvf -
$ gzip -d -c openssl-0.9.8b.tar.gz | tar xvf -
  2. Build OpenSSL

    $ cd openssl-0.9.8b
$ ./config
$ make
$ cd ..
  3. Build and install the SSL-aware Apache 

    $ cd mod_ssl-2.8.28-1.3.37
$ ./configure \
    --with-apache=../apache_1.3.37 \
    --with-ssl=../openssl-0.9.8b \
    --prefix=/usr/local/apache
$ cd ..
$ cd apache_1.3.37
$ make 
$ make certificate
$ make install
  4. Cleanup after work 

    $ rm -rf apache_1.3.37
$ rm -rf mod_ssl-2.8.28-1.3.37
$ rm -rf openssl-0.9.8b
  5. Fire up your SSL-aware Apache and try it out
    (please replace "local-host-name" with the fully qualified domain name (FQDN) of your website which you entered at the "make certificate" step above) 

    $ /usr/local/apache/bin/httpd -DSSL
$ netscape https://local-host-name/

http://www.modssl.org/example/