问题描述
我尝试过在线搜索,但感到困惑.我不清楚.
I have tried searching for it online, but I got confused. I didn't get any clarity.
推荐答案
从链接复制:
在WAMP上启用SSL
本分步指南介绍了如何在WAMP上启用SSL.
This step by step guide explains how you can enble SSL on WAMP.
-
从此处下载WampServer 2.0,并将其安装到默认位置(c:\ wamp) .
Download WampServer 2.0 from here and install it to the default location (c:\wamp).
现在,我们需要一个私钥/公钥对以及一个用于签署我们的公钥的CA.
Now, we need to have a private/public key pair as well as a CA to sign our public key.
首先,让我们看看如何创建私钥/公钥对.
First, lets see how we can create a private/public key pair.
keytool -genkey -alias rpcert -keyalg RSA -keysize 1024 -dname "CN=identity-rp,L=SL,S=WS,C=LK" -keypass wso2key -keystore rpkeystore.jks -storepass wso2key
这将创建具有公钥/私钥对的密钥库[rpkeystore.jks].
This will create a keystore [rpkeystore.jks] with public/private key pair.
我的上一篇文章介绍了如何导出私钥从密钥库中.只需按照此处给出的步骤操作,您将获得一个文件server.key,这是您的私钥.
My previous post explains how you can export your private key from the keystore. Just follow the steps given there and you'll end up with a file server.key, which is your private key.
现在,我们需要使用CA签署我们的公共证书.
Now, we need to sign our public certificate with a CA.
这-要求我们创建一个示例CA,以下说明了如何执行此操作.
This - requires us to create a sample CA and following explains how to do that.
在这里,我们使用OpenSSL构建所需的CA基础结构.对于Windows,您可以从此处下载Win32 OpenSSL v0.9.8g .
Here we use OpenSSL to build the required CA infrastructure. For Windows you can download Win32 OpenSSL v0.9.8g from here.
一旦安装,请确保将C:\OpenSSL\bin [i.e [INSTALLED_LOCATION]\bin]
添加到PATH env变量.
Once installed make sure you add C:\OpenSSL\bin [i.e [INSTALLED_LOCATION]\bin]
to the PATH env variable.
openssl req -x509 -newkey rsa:1024 -keyout cakey.pem -out cacert.crt
以上内容将为我们的示例CA创建一个公钥/私钥对.
The above will creare a public/private key pair for our sample CA.
现在,我们需要向服务器创建证书签名请求.
Now, we need to create a certificate signing request to our server.
转到创建密钥库[rpkeystore.jks]的文件夹,然后发出以下命令.
Go to the folder where you created the keystore [rpkeystore.jks] and issue the following command.
keytool -certreq -v -alias rpcert -file csr.pem -keypass wso2key -storepass wso2key -keystore rpkeystore.jks
现在将csr.pem复制到为CA生成密钥的文件夹中,然后从该文件夹发出以下命令.
Now copy the csr.pem to the folder where you generated keys for the CA and issue the following command from there.
openssl x509 -req -days 365 -in csr.pem -CA cacert.crt -CAkey cakey.pem -CAcreateserial -out server.crt
现在,我们已经拥有所有需要的文件.
By now we have all the requiured files.
cacert.crt-> CA公共证书server.crt->由CA签名的服务器公共证书server.key->服务器私钥.
cacert.crt --> CA public certificateserver.crt --> Server public certificate signed by the CAserver.key --> Server private key.
假设您已将WAMP安装到默认位置,请将上述所有三个文件复制到c:\wamp\bin\apache\apache2.2.8\conf
.
Copy all the above three files to c:\wamp\bin\apache\apache2.2.8\conf
assuming you installed WAMP to the default location.
还编辑c:\ WINDOWS \ system32 \ drivers \ etc \ hosts文件并添加以下条目.
Also edit c:\WINDOWS\system32\drivers\etc\hosts file and add the following entry.
127.0.0.1 identity-rp
如果您还记得的话,当我们为服务器创建公共证书时,我们是为identity-rp创建的.
If you could recall, when we creating the public certificate for our server, we created it for identity-rp.
- 编辑httpd.conf [C:\ wamp \ bin \ apache \ apache2.2.8 \ conf]
取消注释以下两行.
LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
找到侦听80"并将其更改为侦听12081"-这是我们的服务器在端口号12081上运行.
Find Listen 80 and change it to Listen 12081 - that is our server is running on port number 12081.
找到ServerName并将其设置为ServerName identity-rp:12081.
Find ServerName and set it to ServerName identity-rp:12081.
-
编辑httpd-ssl.conf [C:\ wamp \ bin \ apache \ apache2.2.8 \ conf \ extra]
Edit httpd-ssl.conf [C:\wamp\bin\apache\apache2.2.8\conf\extra]
设置监听身份rp:12444-我们正在监听端口12444以进行安全通信.
Set Listen identity-rp:12444 - we are listening to port 12444 for secure communication.
设置
将DocumentRoot设置为"C:/wamp/www/"
Set DocumentRoot "C:/wamp/www/"
设置ServerName身份-rp:12444
Set ServerName identity-rp:12444
对于整个文件,找到"C:/Program Files/Apache Software Foundation/Apache2.2",并替换为"C:/wamp/bin/apache/apache2.2.8".
For the entire file find "C:/Program Files/Apache Software Foundation/Apache2.2" and replace with "C:/wamp/bin/apache/apache2.2.8".
找到SSLCertificateFile并将SSLCertificateFile设置为"C:/wamp/bin/apache/apache2.2.8/conf/server.crt"
Find SSLCertificateFile and set SSLCertificateFile "C:/wamp/bin/apache/apache2.2.8/conf/server.crt"
找到SSLCertificateKeyFile并将SSLCertificateKeyFile设置为"C:/wamp/bin/apache/apache2.2.8/conf/server.key"
Find SSLCertificateKeyFile and set SSLCertificateKeyFile "C:/wamp/bin/apache/apache2.2.8/conf/server.key"
找到SSLCACertificateFile并将SSLCACertificateFile设置为"C:/wamp/bin/apache/apache2.2.8/conf/cacert.crt"
Find SSLCACertificateFile and set SSLCACertificateFile "C:/wamp/bin/apache/apache2.2.8/conf/cacert.crt"
- 编辑php.ini(C:\ wamp \ bin \ apache \ apache2.2.8 \ bin)
取消注释extension=php_openssl.dll
-
现在我们完成了-进行语法检查并启动apache服务器.
Now we are done - do a syntax check and start the apache server.
:> cd C:\ wamp \ bin \ apache \ apache2.2.8 \ bin:> httpd -t:> httpd-开始
:> cd C:\wamp\bin\apache\apache2.2.8\bin:> httpd -t:> httpd --start
在浏览器上键入https://identity-rp:12444
-您将在浏览器中看到证书错误-避免它在浏览器中安装CA证书.
Type https://identity-rp:12444
on your browser - you'll see a certificate error at the brower - to avoid it install CA certificate in your browser.
这篇关于如何在Wamp Server中启用SSL?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!