本文介绍了如何从httpd.conf apache导出ssl密钥,crt和CA,将其用于所有用户的nginx的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

使用自定义安装程序,使用nginx作为cPanel的web引擎
需要命令来导出ssl文件以将其用于nginx



cpanel现在使用AutoSSL comodo免费赠送,当任何用户域名ssl过期时自动更新



示例httpd.conf

 < VirtualHost 4xx30:4433> 
ServerName xnxxsch.com
< IfModule ssl_module>
SSLCertificateFile / var / cpanel / ssl / installed / certs / xnh_com_d98c5_67ca3_150707 $
SSLCertificateKeyFile / var / cpanel / ssl / installed / keys / d98c5_67ca3_76c14a301e0260891bbe91504 $
SSLCACertificateFile / var / cpanel / ssl / installed / cabundles / cPanel_Inc__681917bfb43af6b642178 $
< / IfModule>
< / VirtualHost>

< VirtualHost 46.xx30:4433>
ServerName xxxh.com
< IfModule ssl_module>
SSLCertificateFile / var / cpanel / ssl / installed / certs / xnah_com_d98c5_67ca3_150707 $
SSLCertificateKeyFile / var / cpanel / ssl / installed / keys / d98c5_67ca3_76c14a301e0260891bbe91504 $
SSLCACertificateFile / var / cpanel / ssl / installed / cabundles / cPanel_Inc__681917bfb43af6b642178 $
< / IfModule>
< / VirtualHost>

需要导出每个域(ServerName)



作为两个文件

SSLCertificateKeyFile 作为 ServerName.key

'p>和



了SSLCertificateFile + SSLCACertificateFile的作为为servername.crt



从SSH


$ b $ pre $ grep'ServerName'/ etc / apache2 / conf /httpd.conf

导出所有需要循环使用的元素

'p>获得了SSLCertificateKeyFile下它



和与名称为servername.crt复制到/ etc / nginx的/ SSL /




<$ p $

p> #!/ bin / bash
#查找ServerName并提取值。循环结果。
for $(grep ServerName httpd.conf | sed's /.* ServerName \s * //');做
echo $ server
#拉出该服务器的XML块
lock = $(grep -A5$ serverhttpd.conf)

#提取XML块$ b $文件名b了SSLCertificateFile = $(回声 $块 | sed的-n的/.* SSLCertificateFile\s * // p')
了SSLCertificateKeyFile = $(回声$块 | SED -n的/.* SSLCertificateKeyFile\s * // p')
SSLCACertificateFile = $(回声 $块 | SED -n的/.* SSLCACertificateFile\s * // p')

#创建文件
CP $了SSLCertificateKeyFile $ {}服务器.KEY
猫 $了SSLCertificateFile $ SSLCACertificateFile > $ {server} .crt
完成
#循环结束


use custom setup that use nginx as web engine with cpanelneed command to export ssl files to use it into nginx

cpanel now use AutoSSL powered by Comodo that give it free and will renew it automatic when any users domains ssl expire

example httpd.conf

<VirtualHost 4xx30:4433>
  ServerName xnxxsch.com
  <IfModule ssl_module>
 SSLCertificateFile /var/cpanel/ssl/installed/certs/xnh_com_d98c5_67ca3_150707$
    SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/d98c5_67ca3_76c14a301e0260891bbe91504$
    SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/cPanel_Inc__681917bfb43af6b642178$
  </IfModule>
</VirtualHost>

<VirtualHost 46.xx30:4433>
  ServerName xxxh.com
  <IfModule ssl_module>
 SSLCertificateFile /var/cpanel/ssl/installed/certs/xnah_com_d98c5_67ca3_150707$
    SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/d98c5_67ca3_76c14a301e0260891bbe91504$
    SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/cPanel_Inc__681917bfb43af6b642178$
  </IfModule>
</VirtualHost>

need to export every domains (ServerName)

as two files

SSLCertificateKeyFile as ServerName.key

and

SSLCertificateFile+ SSLCACertificateFile as ServerName.crt

from ssh

with

grep 'ServerName' /etc/apache2/conf/httpd.conf

i export all need to use at loop

to get SSLCertificateKeyFile under it

and copy it with name servername.crt to /etc/nginx/ssl/

解决方案

I'm sure some efficiency nuts will choke on this, but it should work:

#!/bin/bash
# Look for ServerName, and extract the value.  Loop over results.
for server in $( grep ServerName httpd.conf | sed 's/.*ServerName\s*//' ); do
    echo $server
    # Pull out the block of XML for that server
    block=$( grep -A5 "$server" httpd.conf)

    # Extract file names from the XML block
    SSLCertificateFile=$( echo "$block" | sed -n 's/.*SSLCertificateFile\s*//p')
    SSLCertificateKeyFile=$( echo "$block" | sed -n 's/.*SSLCertificateKeyFile\s*//p')
    SSLCACertificateFile=$( echo "$block" | sed -n 's/.*SSLCACertificateFile\s*//p')

    # Create files
    cp "$SSLCertificateKeyFile" "${server}.key"
    cat "$SSLCertificateFile" "$SSLCACertificateFile" > "${server}.crt"
done
# end of loop

这篇关于如何从httpd.conf apache导出ssl密钥,crt和CA,将其用于所有用户的nginx的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-14 18:25