ÔÚGentooÖд´½¨ApacheÐéÄâÖ÷»ú
±¾½Ì³Ì̽ÌÖÁËLAMP»·¾³µÄ¶îÍâÉèÖ㬱ÈÈçÔÚApacheÉÏ´´½¨ÐéÄâÖ÷»ú¡¢Éú³ÉSSLÖ¤ÊéÎļþ¼°ÃÜÔ¿¡¢Õë¶ÔHTTPÊÂÎñÆôÓð²È«SSLÐÒ飬ÒÔ¼°Ê¹ÓÃApache
CGIÍø¹Ø£¬ÄÇÑùÄã¾Í¿ÉÒÔÔÚ×Ô¼ºµÄÍøÕ¾ÉÏÔËÐÐPerl½Å±¾»òBash½Å±¾¡£
µÚ1²½£º´´½¨ApacheÐéÄâÖ÷»ú
Õâ¸ö»°ÌâʹÓÃÒ»¸öÐé¼ÙµÄÓòÃû£ºgentoo.lan£¬Í¨¹ý±¾µØÖ÷»úÎļþÀ´ÆôÓã¬ÍøÕ¾Îļþ´Ó/var/www/gentoo.lanÀ´Ìṩ¨D¨DûÓÐÓÐЧDNS¼Ç¼µÄDocumentRootÃüÁîÓÃÀ´ÑÝʾÈçºÎÔÚʹÓÃApache
Web ServerµÄGentooÉÏÆôÓöà¸öÐéÄâÖ÷»ú¡£
1. Ê×ÏÈ£¬´ò¿ªGentooÖ÷»úÎļþ½øÐб༣¬ÓÃÄãµÄÓòÃûÌí¼ÓеÄÒ»ÐС£
ÔÚÎļþĩ⣬ÈÃËü¿´ÆðÀ´ÈçͬÕâÑù¡£
127.0.0.1 localhost gentoo 192.168.1.13 gentoo.lan |

ÔÚÖ÷»úÎļþÖÐÌí¼ÓÓòÃû
2. ʹÓÃpingÃüÁî²âÊÔÄãµÄÐé¼ÙÓò£¬¸ÃÓòÓ¦¸Ã»áʹÓÃÆäIPµØÖ·À´»ØÓ¦¡£

ÑéÖ¤ÓòÃû
3. ¼¤»îApacheÐéÄâÖ÷»úµÄ¹ý³ÌÏ൱¼òµ¥¡£Ö»Òª´ò¿ªÎ»ÓÚ/etc/apache2/vhosts.d/·¾¶µÄApacheĬÈÏÐéÄâÖ÷»úÎļþ£¬ÔÚ×îºóÒ»¸öÓï¾äÇ°Ãæ£¬ÊäÈëÄãеÄÐéÄâÖ÷»ú¶¨Ò壬¸Ã¶¨ÒåÔÚ¡ÃüÁîÏÂΧÆðÀ´¡£
°üº¬ÄãµÄ×Ô¶¨ÒåÉèÖ㬱ÈÈçServerNameºÍDocumentRoot·¾¶¡£Ê¹ÓÃÏÂÁÐÎļþÄ£°å×÷ΪÐÂÐéÄâÖ÷»úµÄÖ¸ÄÏ£¬²¢½«ËüÌí¼Óµ½00_default_vhost.confÎļþÉÏ(ÓÃÓÚ·ÇSSLÍøÕ¾)¡£
$ sudo nano /etc/apache2/vhosts.d/00_default_vhost.conf ## ÒÔ</VirtualHost>½áβµÄÁíÒ»¸öÐéÄâÖ÷»úÓï¾ä### <VirtualHost *:80> ServerName gentoo.lan DocumentRoot "/var/www/gentoo.lan" <Directory "/var/www/gentoo.lan" Options Indexes FollowSymLinks ExecCGI MultiViews # AllowOverride¿ØÖÆÊ²Ã´ÃüÁî¿ÉÒÔ·ÅÔÚ.htaccessÎļþÖС£ AllowOverride All # ¿ØÖÆËÄܴӸ÷þÎñÆ÷ÎļþÖлñµÃÄÚÈÝ Order allow,deny Allow from all </Directory> <IfModule mpm_peruser_module> ServerEnvironment apache apache </IfModule> </VirtualHost> ## ÁíÒ»¸öÐéÄâÖ÷»úÓï¾ä### ## ½áÊøÐéÄâÖ÷»úÎļþµÄ×îºóÒ»¸öÓï¾ä## </IfDefine> |

ÔÚGentooÖд´½¨ApacheÐéÄâÖ÷»ú
Äã¿ÉÄÜ´Ó¸ÃÎļþÄÚÈÝͼÐÎÖп´³ö£¬ÎļþʹÓÃÁË´óÁ¿µÄ˵Ã÷×¢ÊÍ£¬»¹±£ÁôÁ˱¾µØÖ÷»úÐéÄâÖ÷»úµÄ¶¨Òå¨D¨DÄã¿ÉÒÔ½«ËüÓÃ×÷Ö¸ÄÏ¡£
4. ʹÓÃ×Ô¶¨ÒåµÄÐéÄâÖ÷»úÍê³ÉÎļþ±à¼ºó£¬ÖØÆôApache£¬ÈÃÉèÖÃÉúЧ£¬²¢È·±£Äã´´½¨ÁËDocumentRootĿ¼£¬ÒÔ·ÀÄã¸ü¸ÄÁ˸ÃÖ¸Á·¾¶ÔÚĬÈÏÇé¿öϲ¢²»´æÔÚ(ÕâÖÖÇé¿öÏ·¾¶¸Ä³É/var/www/gentoo.lan)¡£ÎÒ»¹´´½¨ÁËÒ»¸öСÇɵÄPHPÎļþ£¬ÒÔ²âÊÔWeb·þÎñÆ÷µÄÅäÖá£
$ sudo mkdir /var/www/gentoo.lan $ su "echo '<?php phpinfo(); ?>' > /var/www/gentoo.lan/info.php" $ sudo /etc/init.d/apache2 restart |
5. Ïë½øÐÐÑéÖ¤£¬´ò¿ªä¯ÀÀÆ÷£¬½«ÆäÖ¸ÏòÄãµÄÐéÄâÓòÃûhttp://gentoo.lan/info.php¡£

ÑéÖ¤PHPÅäÖÃ
ʹÓÃÕâ¸ö·½·¨£¬Äã¿ÉÒÔʹÓÃApacheÐéÄâÖ÷»ú£¬ÏëÌí¼Ó¼¸¸ö·ÇSSLÍøÕ¾£¬¾ÍÄÜÌí¼Ó¼¸¸ö;µ«ÊǾÍÒ»¸öÕæÊµµÄÃæÏò»¥ÁªÍøµÄ»úÆ÷¶øÑÔ£¬ÒªÈ·±£ÄãµÄÓòÒÑ×¢²á£¬²¢ÇÒʹÓÃÓÐЧµÄDNS·þÎñÆ÷¼Ç¼¡£
Ïëɾ³ýÐéÄâÖ÷»ú£¬Ö»Òª×¢Ê͵ô»òɾ³ý00_default_vhost.confÎļþÖСÏÂΧÆðÀ´µÄÖ¸Áî¡£
µÚ2²½£ºÎªÐéÄâÖ÷»úÉú³ÉSSLÖ¤ÊéºÍÃÜÔ¿
SSLÊÇÒ»ÖÖ¼ÓÃÜÐÒ飬ÓÃÀ´Í¨¹ý»¥ÁªÍø»òʹÓÃÖ¤ÊéÒÔ¼°¶Ô³Æ/·Ç¶Ô³ÆÃÜÔ¿µÄÍøÂçÀïÃæµÄ°²È«Í¨ÐÅͨµÀ½»»»ÐÅÏ¢¡£
6. Ïë¼ò»¯Ö¤ÊéºÍÃÜÔ¿µÄÉú³É¹ý³Ì£¬Ê¹ÓÃÏÂÁÐBash½Å±¾£¬¸Ã½Å±¾³äµ±ÃüÁ¿ÉÒÔ×Ô¶¯´´½¨ÄãËùÐèÒªµÄ´øSSLÓòÃûÉèÖõÄSSLÖ¤ÊéºÍÃÜÔ¿¡£
Ê×ÏÈ£¬¿ªÊ¼Ê¹ÓÃÏÂÁÐÃüÁ´´½¨Bash½Å±¾¡£
$ sudo nano /usr/local/bin/apache_gen_ssl
Ìí¼ÓÏÂÁÐÎļþÄÚÈÝ¡£
#!/bin/bash mkdir /etc/apache2/ssl cd /etc/apache2/ssl echo -e "Enter a name for this certificate:\nEx: mydomain.lan" read cert openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out $cert.key chmod 600 $cert.key openssl req -new -key $cert.key -out $cert.csr openssl x509 -req -days 365 -in $cert.csr -signkey $cert.key -out $cert.crt echo -e " The certificate $cert has been generated!\nPlease link it to Apache SSL website!" ls -all /etc/apache2/ssl/ exit 0 |

´´½¨Bash½Å±¾£¬Éú³ÉSSL
7. Îļþ´´½¨Íê±Ïºó£¬ÔÚÆäĩβÌí¼ÓÖ´ÐÐȨÏÞ£¬²¢ÔËÐÐÎļþ£¬Éú³ÉSSLÃÜÔ¿¼°Ö¤Êé¡£
$ sudo chmod +x /usr/local/bin/apache_gen_ssl $ sudo apache_gen_ssl |

Éú³ÉSSLÖ¤Êé¼°ÃÜÔ¿
ÄãµÚÒ»´ÎÔËÐÐÎļþʱ£¬Ëü»áÒªÇóÄãÊäÈëÓòÃû¡£ÊäÈëÐèÒªÉú³ÉSSLÉèÖõÄÓòÃû£¬²¢ÎªÖ¤ÊéÌî³ä±ØÒªµÄÐÅÏ¢£¬×îÖØÒªµÄÒ»¸öÐÅÏ¢ÊÇCommon
Name£¬Ê¹ÓÃÄã·þÎñÆ÷µÄFQDN(ÍêÈ«·ûºÏ±ê×¼µÄÓòÃû)¡£
ʹÓÃÕâÖÖ·½·¨·ÅÖÃËùÓÐÖ¤ÊéºÍÃÜÔ¿µÄĬÈÏλÖÃÊÇ/etc/apache2/ssl/¡£
8. ÏÖÔÚ¿ÉÒÔ´´½¨Óëgentoo.lan¶ÔÓ¦µÄÐéÄâÖ÷»úSSL¡£Ê¹ÓÃÓë·ÇSSLÐéÄâÖ÷»úÒ»ÑùµÄ·½·¨£¬²»¹ýÕâ»Ø±à¼/etc/apache2/vhosts.d/00_default_ssl_vhosts.confÎļþ£¬ÐèÒªÉԼӸ͝Îļþ¡£
ÏÈ´ò¿ªÎļþ½øÐб༣¬È»ºó½øÐÐÏÂÁи͝¡£
$ sudo nano /etc/apache2/vhosts.d/00_default_ssl_vhosts.conf |
ÔÚListen 443ÃüÁîÏ£¬Ìí¼ÓÏÂÁÐÄÚÈÝ¡£

ÆôÓÃHTTPS¶Ë¿Ú
Õë¶ÔеÄÐéÄâÖ÷»úʹÓÃÏÂÁÐÄ£°å£¬²¢ÔÚĩβÌí¼ÓеÄSSLÖ¤Êé¼°ÃÜԿ·¾¶ºÍÃû³Æ¡£
## ÒÔ</VirtualHost> ½áβµÄÁíÒ»¸öÐéÄâÖ÷»úÓï¾ä### <VirtualHost *:443> ServerName gentoo.lan DocumentRoot "/var/www/gentoo.lan" ErrorLog /var/log/apache2/gentoo.lan-ssl_error_log <IfModule log_config_module> TransferLog /var/log/apache2/gentoo.lan-ssl_access_log </IfModule> SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL ## ʹÓÃÐÂÉú³ÉµÄSSLÖ¤ÊéºÍÃÜÔ¿½øÐб༣¬½«Â·¾¶¸Ä³É/etc/apache2/ssl/ SSLCertificateFile /etc/apache2/ssl/gentoo.lan.crt SSLCertificateKeyFile /etc/apache2/ssl/gentoo.lan.key <Directory "/var/www/gentoo.lan"> Options Indexes FollowSymLinks ExecCGI MultiViews Includes AllowOverride All Order allow,deny Allow from all </Directory> <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/var/www/gentoo.lan "> SSLOptions +StdEnvVars </Directory> <IfModule setenvif_module> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </IfModule> <IfModule log_config_module> CustomLog /var/log/apache2/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </IfModule> </VirtualHost> ## ÁíÒ»¸öÐéÄâÖ÷»úÓï¾ä### |

´´½¨SSLÐéÄâÖ÷»ú
ÐéÄâÖ÷»úµÄ¶¨Ò屨ÐëÔÚÕâ×îºóÈý¸öÓï¾ä֮ǰ½áÊø¡£
</IfModule> </IfDefine> </IfDefine> |

ÑéÖ¤ÐéÄâÖ÷»ú
9. Íê³ÉÐéÄâÖ÷»úÎļþµÄ±à¼ºó£¬ÖØÆôApache·þÎñ£¬½«ä¯ÀÀÆ÷Ö¸ÏòʹÓÃHTTPSÐÒéµÄÓò£ºhttps://gentoo.lan¡£
$ sudo /etc/init.d/apache2 restart |

ÑéÖ¤HTTPSÐÒé
ʹÓÃÕâ¸ö·½·¨£¬¾Í¿ÉÒÔʹÓÃApacheÐéÄâÖ÷»ú£¬ÎªSSLÍøÕ¾Ìí¼Ó×Ô¼ºµÄÖ¤ÊéºÍÃÜÔ¿¡£Ïëɾ³ýSSLÐéÄâÖ÷»ú£¬Ö»Òª×¢Ê͵ô»òɾ³ýÔÚ/etc/apache2/vhosts.d/00_default_ssl_vhosts.confÎļþÖСÏÂΧÆðÀ´µÄÃüÁî¡£
µÚ3²½£ºÆôÓÃCGI½Ó¿Ú
CGI(ͨÓÃÍø¹Ø½Ó¿Ú)ÈÃApache¿ÉÒÔÓëÍⲿ³ÌÐò½øÐÐÁªÏµ£¬ËüÖ÷ÒªÓÉPerl»òBASH½Å±¾×é³É£¬¿ÉÒÔΪÄãµÄÍøÕ¾Ìí¼Ó¶¯Ì¬ÄÚÈÝ¡£
10. ÔÚÆôÓÃCGIÍø¹ØÖ®Ç°£¬È·±£ApacheÒѾ¹ý±àÒ룬Portage make.confÎļþ£ºcgi
cgid ÉÏÖ§³ÖUSE CGIÄ£¿é¡£ÏëÆôÓÃGCI¶ÔApacheµÄÖ§³Ö£¬´ò¿ª/etc/conf.d/apache2Îļþ£¬ÔÚAPACHE2_OPTSÕâÒ»ÐÐÌí¼ÓCGIÄ£¿é¡£
$ sudo nano /etc/conf.d/apache2 |
È·±£ÕâÒ»ÐÐÓÐÀàËÆµÄÄÚÈÝ¡£
APACHE2_OPTS="-D DEFAULT_VHOST -D INFO
-D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE -D STATUS -D CGI" |

ΪApacheÆôÓÃCGI
11. CGIÄ£¿éÆôÓú󣬴ò¿ªÄãÏëÒªÆôÓÃCGI½Ó¿ÚµÄÍøÕ¾¶¨ÒåÖ÷»ú£¬²¢½«ÏÂÁÐÄÚÈÝÌí¼Óµ½ÐéÄâÖ÷»úÃüÁîÀïÃæ¡£
<Directory "/var/www/gentoo.lan"> Options Indexes +ExecCGI MultiViews AddHandler cgi-script .cgi .pl DirectoryIndex index.cgi index.php index.html index.pl AllowOverride All Order allow,deny Allow from all </Directory> |

ÔÚÐéÄâÖ÷»úÖÐÆôÓÃCGI
12. Èç¹ûÄãÔÚDocumentRoot(/var/www/gentoo.lan/)·¾¶ÀïÃæÓÐÒ»¸öĿ¼´æ·ÅCGI½Å±¾£¬ÍêÈ«¿ÉÒÔÆôÓøÃĿ¼£¬Ìṩ¶¯Ì¬µÄPerl»òBash½Å±¾¡£
ScriptAlias /cgi-bin/ /var/www/gentoo.lan/cgi-bin/ <Location /cgi-bin> Options +ExecCGI AddHandler cgi-script .cgi .pl DirectoryIndex index.cgi index.php index.html index.pl </Location> |
13. ÖÁÓÚSSI(·þÎñÆ÷¶ËǶÈë)£¬ÔÚOptionsÉÏÌí¼Ó+IncludesÓï¾ä£¬²¢Ìí¼Ó.shtmlÎļþÀ©Õ¹Ãû¡£
<Directory "/var/www/gentoo.lan"> Options Indexes +ExecCGI +Includes AddHandler cgi-script .cgi .pl AddType text/html .shtml AddOutputFilter INCLUDES .shtml DirectoryIndex index.shtml index.cgi index.pl index.php index.html AllowOverride All Order allow,deny Allow from all </Directory> |
14. ÏëÔÚAapche CGAÍø¹ØÉϲâÊÔһЩ¼òµ¥µÄ.cgiºÍ.pl½Å±¾£¬ÔÚÐéÄâÖ÷»úDocumentRoot(/var/www/gentoo.lan/)ÀïÃæ´´½¨ÏÂÁнű¾¡£
Perl½Å±¾
$ sudo nano /var/www/gentoo.lan/env.pl |
Ìí¼ÓÏÂÁÐPerlÄÚÈÝ¡£
#!/usr/bin/perl print "Content-type: text/html\n\n"; foreach my $keys (sort keys %ENV) { print "$keys = $ENV{$keys}<br/>\n"; } |
Bash½Å±¾
$ sudo nano /var/www/gentoo.lan/run.cgi |
Ìí¼ÓÏÂÁÐBashÄÚÈÝ¡£
#!/bin/bash echo "Content-type: text/html" echo "" echo "----------------------------------------------- ./env.pl echo "------------------------------------ |
15. ÉÏÊöÎļþ´´½¨Íê±Ïºó£¬ÈÃËüÃdzÉΪ¿ÉÖ´ÐÐÎļþ£¬ÖØÆôApacheºǫ́³ÌÐò£¬½«ä¯ÀÀÆ÷Ö¸ÏòÏÂÁÐURL¡£
$ sudo chmod +x /var/www/gentoo.lan/run.cgi $ sudo chmod +x /var/www/gentoo.lan/env.pl $ sudo /etc/init.d/apache2 restart
https://gentoo.lan/run.cgi
OR
https://gentoo.lan/env.pl |

ÑéÖ¤CGIÅäÖÃ
ÏÖÔÚ£¬Äã¿ÉÒÔ½«Gentoo±ä³ÉÒ»¸ö¹¦ÄÜÇ¿´óµÄWebÖ÷»úÍÐ¹ÜÆ½Ì¨£¬¿ÉÒÔͨ¹ýһЩÉèÖöÔϵͳÐÔÄܽøÐÐ΢µ÷£¬²¢ÇÒ×î´óÏ޶ȵؿØÖÆÄãµÄÕû¸ö»·¾³¡£ |