以下内容为原创,转载请注明出处!  

1:安装apache:apt-get install apache2


2:下载证书,阿里云有免费证书购买,补充资料审核通过后,点击下载,会出现不同版本,我们这里选择apache版本下载,


3:我们最终会拿到四个文件:订单号.key,订单号.pem,chain.pem,public.pem,实际上我们只用到2个:一个是.key文件,一个是public.pem


4:配置apache,

    找到ssl配置文件:default-ssl.conf,在/etc/apache2/site-available/目录下

    以下为配置(该配置有效,请参考本章域名):

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin www.520pf.cn
                DocumentRoot /home/kefeng
                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined

                SSLCertificateFile       /etc/apache2/ssl/public.pem
                SSLCertificateKeyFile /etc/apache2/ssl/订单号.key
                SSLCertificateChainFile /etc/apache2/ssl/chain.pem
                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
                BrowserMatch "MSIE [2-6]" \
                                nokeepalive ssl-unclean-shutdown \
                                downgrade-1.0 force-response-1.0
               
                BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
                WSGIScriptAlias / /home/keke/kefeng/kefeng/wsgi.py
                WSGIDaemonProcess kf processes=2 threads=15 display-name=%{GROUP} python-path=/home/keke/kefeng:/home/keke/virtualenv/lib/python2.7/site-packages
                Alias /static/ /home/keke/kefeng/static/
                Alias /media/ /home/keke/kefeng/media/
                <Directory /home/keke/kefeng/static>
                        Require all granted
                </Directory>
                <Directory /home/keke/kefeng/media>
                        Require all granted
                </Directory>
                <Directory /home/keke/kefeng>
                        <Files wsgi.py>
                                Require all granted
                        </Files>
                </Directory>
        </VirtualHost>
</IfModule>


5:启动ssl:a2enmod ssl


6:激活站点:a2ensite default-ssl.conf


7:重启apache2 


8:301重定向,将www.520pf.cn 跳转到 http://www.520pf.cn,查看/etc/apache2/mods-enabled中的 rewrite.load中是否被注释,将注释打开

       RewriteEngine on # 开启rewrite引擎
       RewriteCond %{HTTP_HOST} ^www.520pf.cn$ [OR]
       RewriteCond %{HTTP_HOST} ^520pf.cn$ [OR]
       RewriteRule ^/(.*)$ https://www.520pf.cn/$1 [R=301,L]

      


服务器部署请参照:https://www.520pf.cn/article/22.html

负载均衡,会话保持请参照:https://www.520pf.cn/article/162.html