ȸ¿ø°¡ÀÔ| ¾ÆÀ̵ð/ºñ¹Ð¹øÈ£

Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

 

Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

 
Ȩ > °¡À̵å > SSL¼³Ä¡°¡À̵å
Apache (mod_ssl)

 ¡Ø Apache¿¡ SSL ¼³Ä¡ ÀýÂ÷

  [STEP#1] ¾ÆÆÄÄ¡ µ¥¸ó È®ÀÎÇϱâ.
  [STEP#2] ȯ°æ ¼³Á¤ ÆÄÀÏ ¼öÁ¤.
  [STEP#3] ¼­ºñ½º Àç½ÃÀÛ.
  [STEP#4] ¼­ºñ½º È®ÀÎ.


 ¼³Ä¡ ȯ°æ Á¤º¸
  OS :  CentOS 5.4
  Web Server :  Apache 2.2.16
 ¼³Ä¡ Àü ÀÎÁõ¼­ È®ÀÎ
  À̳뼭Ʈ·ÎºÎÅÍ ¹ÞÀ¸½Å ÀÎÁõ¼­ ÆÄÀÏÀ» ¾ÆÆÄÄ¡ °æ·Î ¹Ø¿¡ Àû´çÇÑ Æú´õ¸¦ »ý¼ºÈÄ º¹»çÇÕ´Ï´Ù.

  À¥¼­¹öÀÎÁõ¼­ : [µµ¸ÞÀθí].crt
  Ã¼ÀÎÀÎÁõ¼­ : bundle.crt

[STEP#1] ¾ÆÆÄÄ¡ µ¥¸ó È®ÀÎÇϱâ
[root@localhost httpd]# ps -ef | grep httpd

root 13397 1 2 11:15 ? 00:00:00 /usr/local/apache/bin/httpd
apache 13398 13397 0 11:15 ? 00:00:00 /usr/local/apache/bin/httpd
apache 13399 13397 0 11:15 ? 00:00:00 /usr/local/apache/bin/httpd
 
[STEP#2] ȯ°æ ¼³Á¤ ÆÄÀÏ ¼öÁ¤
 Apache 2.2.xx    Apache 2.0.xx    Apache 1.3.xx  
[root@localhost httpd]# vi $APACHE_HOME/conf/httpd.conf
(Âü°í) $APACHE_HOME Àº ¾ÆÆÄÄ¡°¡ ¼³Ä¡µÈ °æ·Î¸¦ ¶æÇÕ´Ï´Ù.


httpd.conf¿¡ ¾Æ·¡ ³»¿ëÀÌ ÀÖ´ÂÁö È®ÀÎ ÇÕ´Ï´Ù.
¾ÆÆÄÄ¡ ¼³Ä¡ ȯ°æ¿¡ µû¶ó conf.d/ssl.conf ³ª extra/httpd-ssl.conf ¿¡ Àû¿ëµÇ¾î ÀÖÀ» ¼öµµ ÀÖ½À´Ï´Ù.

LoadModule ssl_module modules/mod_ssl.so  


# VirtualHost ¼³Á¤Çϱâ #
# ¾ÆÆÄÄ¡ÀÇ ¹öÀü¿¡ µû¶ó conf.d/ssl.conf ȤÀº extra/httpd-ssl.conf ·Î ÆÄÀϸíÀÌ µÇ¾î ÀÖ½À´Ï´Ù.#

[root@localhost httpd]# vi $APACHE_HOME/conf.d/ssl.conf

¡¥¡¥¡¥¡¥¡¥¡¥¡¥(Áß·«)¡¥¡¥¡¥¡¥¡¥¡¥¡¥
Listen 443   # SSL Æ÷ƮȮÀÎ #
¡¥¡¥¡¥¡¥¡¥¡¥¡¥(Áß·«)¡¥¡¥¡¥¡¥¡¥¡¥¡¥
DocumentRoot /var/www/html
ServerName www.innocert.co.kr
SSLEngine on
SSLCertificateFile /usr/local/apache/ssl/www.innocert.co.kr.crt   # ¹ß±Þ ¹ÞÀº ÀÎÁõ¼­ #
SSLCertificateKeyFile /usr/local/apache/ssl/www.innocert.co.kr.key   # °³ÀÎŰ #
SSLCertificateChainFile /usr/local/apache/ssl/bundle.crt   # üÀÎÀÎÁõ¼­ #
¡¥¡¥¡¥¡¥¡¥¡¥¡¥(Áß·«)¡¥¡¥¡¥¡¥¡¥¡¥¡¥

ÆÄÀÏÀ» ÀúÀå ÇÕ´Ï´Ù.

 
[STEP#3] ¼­ºñ½º Àç½ÃÀÛ
[root@localhost httpd]# vi $APACHE_HOME/bin/apachectl configtest
Syntax OK    # ¼³Á¤ÀÌ Á¤»óÀûÀÏ °æ¿ì ³ª¿À´Â ¸Þ½ÃÁö #


[root@localhost httpd]# $APACHE_HOME/bin/apachectl restart

¶Ç´Â ¾Æ·¡¿Í °°ÀÌ ½ÃÀÛ

[root@localhost httpd]# $APACHE_HOME/bin/apachectl startssl

Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server www.innocert.co.kr:443 (RSA)
Enter pass phrase:[ÆÐ½º¿öµåÀÔ·Â]

 
[STEP#4] ¼­ºñ½º È®ÀÎ
[root@localhost httpd]# ps -ef | grep httpd

root 13397 1 2 15:45 ? 00:00:00 /usr/local/apache/bin/httpd -k start -DSSL
daemon 13398 13397 0 15:45 ? 00:00:00 /usr/local/apache/bin/httpd -k start -DSSL
daemon 13399 13397 0 15:45 ? 00:00:00 /usr/local/apache/bin/httpd -k start -DSSL

[root@localhost httpd]# netstat -nap | grep httpd

tcp 0 0 :::80 :::* LISTEN 13397/httpd
tcp 0 0 :::443 :::* LISTEN 13397/httpd