 |
¼³Ä¡ ȯ°æ Á¤º¸
OS : CentOS 5.4
Web Server : Apache 2.2.16
|
 |
¼³Ä¡ Àü ÀÎÁõ¼ È®ÀÎ
ÀÌ³ë¼Æ®·ÎºÎÅÍ ¹ÞÀ¸½Å ÀÎÁõ¼ ÆÄÀÏÀ» ¾ÆÆÄÄ¡ °æ·Î ¹Ø¿¡ Àû´çÇÑ Æú´õ¸¦ »ý¼ºÈÄ º¹»çÇÕ´Ï´Ù.
À¥¼¹öÀÎÁõ¼ : [µµ¸ÞÀθí].crt
üÀÎÀÎÁõ¼ : bundle.crt
|
|
[STEP#1] ¾ÆÆÄÄ¡ µ¥¸ó È®ÀÎÇϱâ |
 |
|
[root@localhost httpd]# ps -ef | grep httpd
root 13397 1 2 11:15 ? 00:00:00 /usr/local/apache/bin/httpd
apache 13398 13397 0 11:15 ? 00:00:00 /usr/local/apache/bin/httpd
apache 13399 13397 0 11:15 ? 00:00:00 /usr/local/apache/bin/httpd
|
|
|
 |
|
|
[STEP#2] ȯ°æ ¼³Á¤ ÆÄÀÏ ¼öÁ¤ |
|
|
 |
|
[root@localhost httpd]# vi $APACHE_HOME/conf/httpd.conf
(Âü°í) $APACHE_HOME Àº ¾ÆÆÄÄ¡°¡ ¼³Ä¡µÈ °æ·Î¸¦ ¶æÇÕ´Ï´Ù.
httpd.conf¿¡ ¾Æ·¡ ³»¿ëÀÌ ÀÖ´ÂÁö È®ÀÎ ÇÕ´Ï´Ù.
¾ÆÆÄÄ¡ ¼³Ä¡ ȯ°æ¿¡ µû¶ó conf.d/ssl.conf ³ª extra/httpd-ssl.conf ¿¡ Àû¿ëµÇ¾î ÀÖÀ» ¼öµµ ÀÖ½À´Ï´Ù.
LoadModule ssl_module modules/mod_ssl.so
# VirtualHost ¼³Á¤Çϱâ #
# ¾ÆÆÄÄ¡ÀÇ ¹öÀü¿¡ µû¶ó conf.d/ssl.conf ȤÀº extra/httpd-ssl.conf ·Î ÆÄÀϸíÀÌ µÇ¾î ÀÖ½À´Ï´Ù.#
[root@localhost httpd]# vi $APACHE_HOME/conf.d/ssl.conf
¡¥¡¥¡¥¡¥¡¥¡¥¡¥(Áß·«)¡¥¡¥¡¥¡¥¡¥¡¥¡¥
Listen 443 # SSL Æ÷ƮȮÀÎ #
¡¥¡¥¡¥¡¥¡¥¡¥¡¥(Áß·«)¡¥¡¥¡¥¡¥¡¥¡¥¡¥
DocumentRoot /var/www/html
ServerName www.innocert.co.kr
SSLEngine on
SSLCertificateFile /usr/local/apache/ssl/www.innocert.co.kr.crt # ¹ß±Þ ¹ÞÀº ÀÎÁõ¼ #
SSLCertificateKeyFile /usr/local/apache/ssl/www.innocert.co.kr.key # °³ÀÎŰ #
SSLCertificateChainFile /usr/local/apache/ssl/bundle.crt # üÀÎÀÎÁõ¼ #
¡¥¡¥¡¥¡¥¡¥¡¥¡¥(Áß·«)¡¥¡¥¡¥¡¥¡¥¡¥¡¥
ÆÄÀÏÀ» ÀúÀå ÇÕ´Ï´Ù.
|
|
|
 |
|
|
 |
|
[root@localhost httpd]# vi $APACHE_HOME/bin/apachectl configtest
Syntax OK # ¼³Á¤ÀÌ Á¤»óÀûÀÏ °æ¿ì ³ª¿À´Â ¸Þ½ÃÁö #
[root@localhost httpd]# $APACHE_HOME/bin/apachectl restart
¶Ç´Â ¾Æ·¡¿Í °°ÀÌ ½ÃÀÛ
[root@localhost httpd]# $APACHE_HOME/bin/apachectl startssl
Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server www.innocert.co.kr:443 (RSA)
Enter pass phrase:[ÆÐ½º¿öµåÀÔ·Â]
|
|
|
 |
|
|
 |
|
[root@localhost httpd]# ps -ef | grep httpd
root 13397 1 2 15:45 ? 00:00:00 /usr/local/apache/bin/httpd -k start -DSSL
daemon 13398 13397 0 15:45 ? 00:00:00 /usr/local/apache/bin/httpd -k start -DSSL
daemon 13399 13397 0 15:45 ? 00:00:00 /usr/local/apache/bin/httpd -k start -DSSL
[root@localhost httpd]# netstat -nap | grep httpd
tcp 0 0 :::80 :::* LISTEN 13397/httpd
tcp 0 0 :::443 :::* LISTEN 13397/httpd
|
|
|
 |
|