Äú¿ÉÒÔ¾èÖú£¬Ö§³ÖÎÒÃǵĹ«ÒæÊÂÒµ¡£

1Ôª 10Ôª 50Ôª





ÈÏÖ¤Â룺  ÑéÖ¤Âë,¿´²»Çå³þ?Çëµã»÷Ë¢ÐÂÑéÖ¤Âë ±ØÌî



  ÇóÖª ÎÄÕ ÎÄ¿â Lib ÊÓÆµ iPerson ¿Î³Ì ÈÏÖ¤ ×Éѯ ¹¤¾ß ½²×ù Modeler   Code  
»áÔ±   
 
   
 
 
     
   
 ¶©ÔÄ
  ¾èÖú
ÔÚGentoo LinuxÖд´½¨ÐéÄâÖ÷»ú²¢Éú³ÉSSLÖ¤Êé¼°ÃÜÔ¿
 

×÷Õß _×··çµÄ²©¿Í£¬»ðÁú¹ûÈí¼þ ·¢²¼ÓÚ£º2014-07-08

  4462  次浏览      27
 

ÔÚGentooÖд´½¨ApacheÐéÄâÖ÷»ú

 

±¾½Ì³Ì̽ÌÖÁËLAMP»·¾³µÄ¶îÍâÉèÖ㬱ÈÈçÔÚApacheÉÏ´´½¨ÐéÄâÖ÷»ú¡¢Éú³ÉSSLÖ¤ÊéÎļþ¼°ÃÜÔ¿¡¢Õë¶ÔHTTPÊÂÎñÆôÓð²È«SSLЭÒ飬ÒÔ¼°Ê¹ÓÃApache CGIÍø¹Ø£¬ÄÇÑùÄã¾Í¿ÉÒÔÔÚ×Ô¼ºµÄÍøÕ¾ÉÏÔËÐÐPerl½Å±¾»òBash½Å±¾¡£

µÚ1²½£º´´½¨ApacheÐéÄâÖ÷»ú

Õâ¸ö»°ÌâʹÓÃÒ»¸öÐé¼ÙµÄÓòÃû£ºgentoo.lan£¬Í¨¹ý±¾µØÖ÷»úÎļþÀ´ÆôÓã¬ÍøÕ¾Îļþ´Ó/var/www/gentoo.lanÀ´Ìṩ¨D¨DûÓÐÓÐЧDNS¼Ç¼µÄDocumentRootÃüÁîÓÃÀ´ÑÝʾÈçºÎÔÚʹÓÃApache Web ServerµÄGentooÉÏÆôÓöà¸öÐéÄâÖ÷»ú¡£

1. Ê×ÏÈ£¬´ò¿ªGentooÖ÷»úÎļþ½øÐб༭£¬ÓÃÄãµÄÓòÃûÌí¼ÓеÄÒ»ÐС£

$ sudo nano /etc/hosts

ÔÚÎļþĩ⣬ÈÃËü¿´ÆðÀ´ÈçͬÕâÑù¡£

127.0.0.1 localhost gentoo
192.168.1.13 gentoo.lan

ÔÚÖ÷»úÎļþÖÐÌí¼ÓÓòÃû

2. ʹÓÃpingÃüÁî²âÊÔÄãµÄÐé¼ÙÓò£¬¸ÃÓòÓ¦¸Ã»áʹÓÃÆäIPµØÖ·À´»ØÓ¦¡£

$ ping -c2 gentoo.lan

 

ÑéÖ¤ÓòÃû

3. ¼¤»îApacheÐéÄâÖ÷»úµÄ¹ý³ÌÏ൱¼òµ¥¡£Ö»Òª´ò¿ªÎ»ÓÚ/etc/apache2/vhosts.d/·¾¶µÄApacheĬÈÏÐéÄâÖ÷»úÎļþ£¬ÔÚ×îºóÒ»¸öÓï¾äÇ°Ãæ£¬ÊäÈëÄãеÄÐéÄâÖ÷»ú¶¨Ò壬¸Ã¶¨ÒåÔÚ¡­ÃüÁîÏÂΧÆðÀ´¡£

°üº¬ÄãµÄ×Ô¶¨ÒåÉèÖ㬱ÈÈçServerNameºÍDocumentRoot·¾¶¡£Ê¹ÓÃÏÂÁÐÎļþÄ£°å×÷ΪÐÂÐéÄâÖ÷»úµÄÖ¸ÄÏ£¬²¢½«ËüÌí¼Óµ½00_default_vhost.confÎļþÉÏ(ÓÃÓÚ·ÇSSLÍøÕ¾)¡£

$ sudo nano /etc/apache2/vhosts.d/00_default_vhost.conf  
## ÒÔ</VirtualHost>½áβµÄÁíÒ»¸öÐéÄâÖ÷»úÓï¾ä###
<VirtualHost *:80>
ServerName gentoo.lan
DocumentRoot "/var/www/gentoo.lan"
<Directory "/var/www/gentoo.lan"
Options Indexes FollowSymLinks ExecCGI MultiViews
# AllowOverride¿ØÖÆÊ²Ã´ÃüÁî¿ÉÒÔ·ÅÔÚ.htaccessÎļþÖС£
AllowOverride All
# ¿ØÖÆË­ÄܴӸ÷þÎñÆ÷ÎļþÖлñµÃÄÚÈÝ
Order allow,deny
Allow from all
</Directory>
<IfModule mpm_peruser_module>
ServerEnvironment apache apache
</IfModule>
</VirtualHost>
## ÁíÒ»¸öÐéÄâÖ÷»úÓï¾ä###
## ½áÊøÐéÄâÖ÷»úÎļþµÄ×îºóÒ»¸öÓï¾ä##
</IfDefine>

ÔÚGentooÖд´½¨ApacheÐéÄâÖ÷»ú

Äã¿ÉÄÜ´Ó¸ÃÎļþÄÚÈÝͼÐÎÖп´³ö£¬ÎļþʹÓÃÁË´óÁ¿µÄ˵Ã÷×¢ÊÍ£¬»¹±£ÁôÁ˱¾µØÖ÷»úÐéÄâÖ÷»úµÄ¶¨Òå¨D¨DÄã¿ÉÒÔ½«ËüÓÃ×÷Ö¸ÄÏ¡£

4. ʹÓÃ×Ô¶¨ÒåµÄÐéÄâÖ÷»úÍê³ÉÎļþ±à¼­ºó£¬ÖØÆôApache£¬ÈÃÉèÖÃÉúЧ£¬²¢È·±£Äã´´½¨ÁËDocumentRootĿ¼£¬ÒÔ·ÀÄã¸ü¸ÄÁ˸ÃÖ¸Á·¾¶ÔÚĬÈÏÇé¿öϲ¢²»´æÔÚ(ÕâÖÖÇé¿öÏ·¾¶¸Ä³É/var/www/gentoo.lan)¡£ÎÒ»¹´´½¨ÁËÒ»¸öСÇɵÄPHPÎļþ£¬ÒÔ²âÊÔWeb·þÎñÆ÷µÄÅäÖá£

$ sudo mkdir /var/www/gentoo.lan  
$ su "echo '<?php phpinfo(); ?>' > /var/www/gentoo.lan/info.php"
$ sudo /etc/init.d/apache2 restart

5. Ïë½øÐÐÑéÖ¤£¬´ò¿ªä¯ÀÀÆ÷£¬½«ÆäÖ¸ÏòÄãµÄÐéÄâÓòÃûhttp://gentoo.lan/info.php¡£

ÑéÖ¤PHPÅäÖÃ

ʹÓÃÕâ¸ö·½·¨£¬Äã¿ÉÒÔʹÓÃApacheÐéÄâÖ÷»ú£¬ÏëÌí¼Ó¼¸¸ö·ÇSSLÍøÕ¾£¬¾ÍÄÜÌí¼Ó¼¸¸ö;µ«ÊǾÍÒ»¸öÕæÊµµÄÃæÏò»¥ÁªÍøµÄ»úÆ÷¶øÑÔ£¬ÒªÈ·±£ÄãµÄÓòÒÑ×¢²á£¬²¢ÇÒʹÓÃÓÐЧµÄDNS·þÎñÆ÷¼Ç¼¡£

Ïëɾ³ýÐéÄâÖ÷»ú£¬Ö»Òª×¢Ê͵ô»òɾ³ý00_default_vhost.confÎļþÖС­ÏÂΧÆðÀ´µÄÖ¸Áî¡£

µÚ2²½£ºÎªÐéÄâÖ÷»úÉú³ÉSSLÖ¤ÊéºÍÃÜÔ¿

SSLÊÇÒ»ÖÖ¼ÓÃÜЭÒ飬ÓÃÀ´Í¨¹ý»¥ÁªÍø»òʹÓÃÖ¤ÊéÒÔ¼°¶Ô³Æ/·Ç¶Ô³ÆÃÜÔ¿µÄÍøÂçÀïÃæµÄ°²È«Í¨ÐÅͨµÀ½»»»ÐÅÏ¢¡£ 6. Ïë¼ò»¯Ö¤ÊéºÍÃÜÔ¿µÄÉú³É¹ý³Ì£¬Ê¹ÓÃÏÂÁÐBash½Å±¾£¬¸Ã½Å±¾³äµ±ÃüÁ¿ÉÒÔ×Ô¶¯´´½¨ÄãËùÐèÒªµÄ´øSSLÓòÃûÉèÖõÄSSLÖ¤ÊéºÍÃÜÔ¿¡£

Ê×ÏÈ£¬¿ªÊ¼Ê¹ÓÃÏÂÁÐÃüÁ´´½¨Bash½Å±¾¡£

$ sudo nano /usr/local/bin/apache_gen_ssl
Ìí¼ÓÏÂÁÐÎļþÄÚÈÝ¡£

#!/bin/bash
mkdir /etc/apache2/ssl
cd /etc/apache2/ssl
echo -e "Enter a name for this certificate:\nEx: mydomain.lan"
read cert
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out $cert.key
chmod 600 $cert.key
openssl req -new -key $cert.key -out $cert.csr
openssl x509 -req -days 365 -in $cert.csr -signkey $cert.key -out $cert.crt
echo -e " The certificate $cert has been generated!\nPlease link it to Apache SSL website!"
ls -all /etc/apache2/ssl/
exit 0

´´½¨Bash½Å±¾£¬Éú³ÉSSL

7. Îļþ´´½¨Íê±Ïºó£¬ÔÚÆäĩβÌí¼ÓÖ´ÐÐȨÏÞ£¬²¢ÔËÐÐÎļþ£¬Éú³ÉSSLÃÜÔ¿¼°Ö¤Êé¡£

$ sudo chmod +x /usr/local/bin/apache_gen_ssl
$ sudo apache_gen_ssl

Éú³ÉSSLÖ¤Êé¼°ÃÜÔ¿

ÄãµÚÒ»´ÎÔËÐÐÎļþʱ£¬Ëü»áÒªÇóÄãÊäÈëÓòÃû¡£ÊäÈëÐèÒªÉú³ÉSSLÉèÖõÄÓòÃû£¬²¢ÎªÖ¤ÊéÌî³ä±ØÒªµÄÐÅÏ¢£¬×îÖØÒªµÄÒ»¸öÐÅÏ¢ÊÇCommon Name£¬Ê¹ÓÃÄã·þÎñÆ÷µÄFQDN(ÍêÈ«·ûºÏ±ê×¼µÄÓòÃû)¡£

ʹÓÃÕâÖÖ·½·¨·ÅÖÃËùÓÐÖ¤ÊéºÍÃÜÔ¿µÄĬÈÏλÖÃÊÇ/etc/apache2/ssl/¡£

8. ÏÖÔÚ¿ÉÒÔ´´½¨Óëgentoo.lan¶ÔÓ¦µÄÐéÄâÖ÷»úSSL¡£Ê¹ÓÃÓë·ÇSSLÐéÄâÖ÷»úÒ»ÑùµÄ·½·¨£¬²»¹ýÕâ»Ø±à¼­/etc/apache2/vhosts.d/00_default_ssl_vhosts.confÎļþ£¬ÐèÒªÉԼӸ͝Îļþ¡£

ÏÈ´ò¿ªÎļþ½øÐб༭£¬È»ºó½øÐÐÏÂÁи͝¡£

$ sudo nano /etc/apache2/vhosts.d/00_default_ssl_vhosts.conf

ÔÚListen 443ÃüÁîÏ£¬Ìí¼ÓÏÂÁÐÄÚÈÝ¡£

NameVirtualHost *:443

ÆôÓÃHTTPS¶Ë¿Ú

Õë¶ÔеÄÐéÄâÖ÷»úʹÓÃÏÂÁÐÄ£°å£¬²¢ÔÚĩβÌí¼ÓеÄSSLÖ¤Êé¼°ÃÜԿ·¾¶ºÍÃû³Æ¡£

## ÒÔ</VirtualHost> ½áβµÄÁíÒ»¸öÐéÄâÖ÷»úÓï¾ä###  
<VirtualHost *:443>
ServerName gentoo.lan
DocumentRoot "/var/www/gentoo.lan"
ErrorLog /var/log/apache2/gentoo.lan-ssl_error_log
<IfModule log_config_module>
TransferLog /var/log/apache2/gentoo.lan-ssl_access_log
</IfModule>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
## ʹÓÃÐÂÉú³ÉµÄSSLÖ¤ÊéºÍÃÜÔ¿½øÐб༭£¬½«Â·¾¶¸Ä³É/etc/apache2/ssl/
SSLCertificateFile /etc/apache2/ssl/gentoo.lan.crt
SSLCertificateKeyFile /etc/apache2/ssl/gentoo.lan.key
<Directory "/var/www/gentoo.lan">
Options Indexes FollowSymLinks ExecCGI MultiViews Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/gentoo.lan ">
SSLOptions +StdEnvVars
</Directory>
<IfModule setenvif_module>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>
<IfModule log_config_module>
CustomLog /var/log/apache2/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</IfModule>
</VirtualHost>
## ÁíÒ»¸öÐéÄâÖ÷»úÓï¾ä###

´´½¨SSLÐéÄâÖ÷»ú

ÐéÄâÖ÷»úµÄ¶¨Ò屨ÐëÔÚÕâ×îºóÈý¸öÓï¾ä֮ǰ½áÊø¡£

</IfModule> 
</IfDefine>
</IfDefine>

ÑéÖ¤ÐéÄâÖ÷»ú

9. Íê³ÉÐéÄâÖ÷»úÎļþµÄ±à¼­ºó£¬ÖØÆôApache·þÎñ£¬½«ä¯ÀÀÆ÷Ö¸ÏòʹÓÃHTTPSЭÒéµÄÓò£ºhttps://gentoo.lan¡£

$ sudo /etc/init.d/apache2 restart

ÑéÖ¤HTTPSЭÒé

ʹÓÃÕâ¸ö·½·¨£¬¾Í¿ÉÒÔʹÓÃApacheÐéÄâÖ÷»ú£¬ÎªSSLÍøÕ¾Ìí¼Ó×Ô¼ºµÄÖ¤ÊéºÍÃÜÔ¿¡£Ïëɾ³ýSSLÐéÄâÖ÷»ú£¬Ö»Òª×¢Ê͵ô»òɾ³ýÔÚ/etc/apache2/vhosts.d/00_default_ssl_vhosts.confÎļþÖС­ÏÂΧÆðÀ´µÄÃüÁî¡£

µÚ3²½£ºÆôÓÃCGI½Ó¿Ú

CGI(ͨÓÃÍø¹Ø½Ó¿Ú)ÈÃApache¿ÉÒÔÓëÍⲿ³ÌÐò½øÐÐÁªÏµ£¬ËüÖ÷ÒªÓÉPerl»òBASH½Å±¾×é³É£¬¿ÉÒÔΪÄãµÄÍøÕ¾Ìí¼Ó¶¯Ì¬ÄÚÈÝ¡£

10. ÔÚÆôÓÃCGIÍø¹ØÖ®Ç°£¬È·±£ApacheÒѾ­¹ý±àÒ룬Portage make.confÎļþ£ºcgi cgid ÉÏÖ§³ÖUSE CGIÄ£¿é¡£ÏëÆôÓÃGCI¶ÔApacheµÄÖ§³Ö£¬´ò¿ª/etc/conf.d/apache2Îļþ£¬ÔÚAPACHE2_OPTSÕâÒ»ÐÐÌí¼ÓCGIÄ£¿é¡£

$ sudo nano /etc/conf.d/apache2

È·±£ÕâÒ»ÐÐÓÐÀàËÆµÄÄÚÈÝ¡£

APACHE2_OPTS="-D DEFAULT_VHOST -D INFO
 -D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE -D STATUS -D CGI"

ΪApacheÆôÓÃCGI

11. CGIÄ£¿éÆôÓú󣬴ò¿ªÄãÏëÒªÆôÓÃCGI½Ó¿ÚµÄÍøÕ¾¶¨ÒåÖ÷»ú£¬²¢½«ÏÂÁÐÄÚÈÝÌí¼Óµ½ÐéÄâÖ÷»úÃüÁîÀïÃæ¡£

<Directory "/var/www/gentoo.lan"> 
Options Indexes +ExecCGI MultiViews
AddHandler cgi-script .cgi .pl
DirectoryIndex index.cgi index.php index.html index.pl
AllowOverride All
Order allow,deny
Allow from all
</Directory>

ÔÚÐéÄâÖ÷»úÖÐÆôÓÃCGI

12. Èç¹ûÄãÔÚDocumentRoot(/var/www/gentoo.lan/)·¾¶ÀïÃæÓÐÒ»¸öĿ¼´æ·ÅCGI½Å±¾£¬ÍêÈ«¿ÉÒÔÆôÓøÃĿ¼£¬Ìṩ¶¯Ì¬µÄPerl»òBash½Å±¾¡£

ScriptAlias /cgi-bin/ /var/www/gentoo.lan/cgi-bin/  
<Location /cgi-bin>
Options +ExecCGI
AddHandler cgi-script .cgi .pl
DirectoryIndex index.cgi index.php index.html index.pl
</Location>

13. ÖÁÓÚSSI(·þÎñÆ÷¶ËǶÈë)£¬ÔÚOptionsÉÏÌí¼Ó+IncludesÓï¾ä£¬²¢Ìí¼Ó.shtmlÎļþÀ©Õ¹Ãû¡£

<Directory "/var/www/gentoo.lan"> 
Options Indexes +ExecCGI +Includes
AddHandler cgi-script .cgi .pl
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
DirectoryIndex index.shtml index.cgi index.pl index.php index.html
AllowOverride All
Order allow,deny
Allow from all
</Directory>

14. ÏëÔÚAapche CGAÍø¹ØÉϲâÊÔһЩ¼òµ¥µÄ.cgiºÍ.pl½Å±¾£¬ÔÚÐéÄâÖ÷»úDocumentRoot(/var/www/gentoo.lan/)ÀïÃæ´´½¨ÏÂÁнű¾¡£

Perl½Å±¾

$ sudo nano /var/www/gentoo.lan/env.pl

Ìí¼ÓÏÂÁÐPerlÄÚÈÝ¡£

#!/usr/bin/perl
print "Content-type: text/html\n\n"; foreach my $keys (sort keys %ENV) { print "$keys =
$ENV{$keys}<br/>\n";
}

Bash½Å±¾

$ sudo nano /var/www/gentoo.lan/run.cgi

Ìí¼ÓÏÂÁÐBashÄÚÈÝ¡£

#!/bin/bash
echo "Content-type: text/html"
echo ""
echo "-----------------------------------------------
./env.pl
echo "------------------------------------

15. ÉÏÊöÎļþ´´½¨Íê±Ïºó£¬ÈÃËüÃdzÉΪ¿ÉÖ´ÐÐÎļþ£¬ÖØÆôApacheºǫ́³ÌÐò£¬½«ä¯ÀÀÆ÷Ö¸ÏòÏÂÁÐURL¡£

$ sudo chmod +x /var/www/gentoo.lan/run.cgi
$ sudo chmod +x /var/www/gentoo.lan/env.pl
$ sudo /etc/init.d/apache2 restart

https://gentoo.lan/run.cgi
OR
https://gentoo.lan/env.pl

ÑéÖ¤CGIÅäÖÃ

ÏÖÔÚ£¬Äã¿ÉÒÔ½«Gentoo±ä³ÉÒ»¸ö¹¦ÄÜÇ¿´óµÄWebÖ÷»úÍÐ¹ÜÆ½Ì¨£¬¿ÉÒÔͨ¹ýһЩÉèÖöÔϵͳÐÔÄܽøÐÐ΢µ÷£¬²¢ÇÒ×î´óÏ޶ȵؿØÖÆÄãµÄÕû¸ö»·¾³¡£

   
4462 ´Îä¯ÀÀ       27
     
????

HTTP????
nginx??????
SD-WAN???
5G?????
 
????

??????????
IPv6???????
??????????
???????
????

????????
????????
???????????????
??????????
×îл¼Æ»®
DeepSeekÔÚÈí¼þ²âÊÔÓ¦ÓÃʵ¼ù 4-12[ÔÚÏß]
DeepSeek´óÄ£ÐÍÓ¦Óÿª·¢Êµ¼ù 4-19[ÔÚÏß]
UAF¼Ü¹¹ÌåϵÓëʵ¼ù 4-11[±±¾©]
AIÖÇÄÜ»¯Èí¼þ²âÊÔ·½·¨Óëʵ¼ù 5-23[ÉϺ£]
»ùÓÚ UML ºÍEA½øÐзÖÎöÉè¼Æ 4-26[±±¾©]
ÒµÎñ¼Ü¹¹Éè¼ÆÓ뽨ģ 4-18[±±¾©]

ÖйúÒÆ¶¯ ÍøÂç¹æ»®Óë¹ÜÀí
Ò½Ôº°²·ÀϵͳԶ³Ì̽ÊÓ·½°¸½âÎö
»ùÓÚRFID¼¼ÊõµÄÎïÁªÍøÑо¿
»ùÓÚÎïÁªÍø¡¢ÔƼÆËã¼Ü¹¹...
»ùÓÚRFID¼¼ÊõÎïÁªÍøÑо¿ÓëÓ¦ÓÃ
ÎïÁªÍøµÄ·¢Õ¹Æ¿¾±ºÍ¹Ø¼ü¼¼Êõ