第一步
搭建 web 服务器
[root@bogon ~]# yum install -y httpd mod_ssl # 装 httpd 和 mod_ssl 的包
[root@bogon ~]# systemctl status firewalld # 查看防火墙状态
[root@bogon ~]# systemctl stop firewalld # 关闭防火墙
[root@bogon ~]# getenforce # 查看 selinux 的状态
[root@bogon ~]# setenforce 0 # 改变 selinux 的工作状态
[root@bogon ~]# vim /etc/httpd/conf.d/https-22222.conf # 编辑 /etc/httpd/conf.d/https-22222.conf 文件
listen 22222 # 监听端口
<VirtualHost 192.168.222.128:22222> # 主机名
DocumentRoot /www/https # 访问文档根目录
ServerName www.zuoye.com # 服务器名称
ErrorLog "/var/log/httpd/https-22222-error_log" # 报错日志存放路径
CustomLog "/var/log/httpd/https-2222-access_log" common # 访问日志存放路径
SSLEngine on # 启用 ssl 协议
SSLCertificateFile /etc/pki/tls/certs/https-22222.crt # 证书文件
SSLCertificateKeyFile /etc/pki/tls/certs/https-22222.key # 证书密钥文件
</VirtualHost> # 结束标记
<directory /www/https> # 对目录权限的设定
allowoverride none
require all granted
</directory> # 结束标记
[root@bogon ~]# mkdir -p /www/https # 递归创建 /www/https 目录
[root@bogon ~]# echo zuoye >/www/https/index.html # 给 /www/https/index.html 写入内容
[root@bogon ~]# openssl genrsa -aes128 2048 > /etc/pki/tls/certs/https-22222.key # 创建自签名证书
[root@bogon ~]# openssl req -utf8 -new -key /etc/pki/tls/certs/https-22222.key -x509 -days 365 -out /etc/pki/tls/certs/https-22222.crt -set_serial 0 # 创建自签名证书
[root@bogon ~]# systemctl restart httpd # 重启服务
[root@bogon ~]# curl https://192.168.222.128:22222 -k # 测试
第二步
设置别名
[root@bogon ~]# vim /etc/httpd/conf.d/https-22222.conf # 编辑文件
listen 22222
<VirtualHost 192.168.222.128:22222>
DocumentRoot /www/https
alias /mimi /usr/local/secret # 加上别名
ServerName www.zuoye.com
ErrorLog "/var/log/httpd/https-22222-error_log"
CustomLog "/var/log/httpd/https-2222-access_log" common
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/https-22222.crt
SSLCertificateKeyFile /etc/pki/tls/certs/https-22222.key
</VirtualHost>
<directory /www/https>
allowoverride none
require all granted
</directory>
<directory /usr/local/secret> # 别名目录权限的设定
authtype basic # 认证的基本方式
authname "please login" # 认证名
authuserfile /etc/httpd/userfile # 认证用户信息的目录
require user xiaoming # 允许访问的用户
</directory> # 结束标记
[root@bogon ~]# mkdir /usr/local/secret # 创建目录
[root@bogon ~]# echo xiaomingkan > /usr/local/secret/index.html # 写入文件
[root@bogon ~]# htpasswd -c /etc/httpd/userfile xiaoming # 创建访问用户并设置密码
[root@bogon ~]# curl https://192.168.222.128:22222/mimi/ -k -u xiaoming # 测试
第三步
设置 hosts 文件
[root@bogon ~]# vim /etc/hosts # 编辑文件
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.222.128 www.zuoye.com # 解析 ip 地址和访问名称
[root@bogon ~]# curl https://www.zuoye.com:22222 -k # 测试
[root@bogon ~]# curl https://www.zuoye.com:22222/mimi/ -k -u xiaoming # 测试
在windows里设置hosts文件
路径:C:WindowsSystem32driversetchosts
打开hosts文件添加 192.168.222.128 www.zuoye.com 就可以用 www.zuoye.com 访问了,仅限设置过hosts文件的windows本机