以下内容为原创,转载请注明出处!
1:安装apache:apt-get install apache2
2:下载证书,阿里云有免费证书购买,补充资料审核通过后,点击下载,会出现不同版本,我们这里选择apache版本下载,
3:我们最终会拿到四个文件:订单号.key,订单号.pem,chain.pem,public.pem,实际上我们只用到2个:一个是.key文件,一个是public.pem
4:配置apache,
找到ssl配置文件:default-ssl.conf,在/etc/apache2/site-available/目录下
以下为配置(该配置有效,请参考本章域名):
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin www.520pf.cn
DocumentRoot /home/kefeng
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/apache2/ssl/public.pem
SSLCertificateKeyFile /etc/apache2/ssl/订单号.key
SSLCertificateChainFile /etc/apache2/ssl/chain.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
WSGIScriptAlias / /home/keke/kefeng/kefeng/wsgi.py
WSGIDaemonProcess kf processes=2 threads=15 display-name=%{GROUP} python-path=/home/keke/kefeng:/home/keke/virtualenv/lib/python2.7/site-packages
Alias /static/ /home/keke/kefeng/static/
Alias /media/ /home/keke/kefeng/media/
<Directory /home/keke/kefeng/static>
Require all granted
</Directory>
<Directory /home/keke/kefeng/media>
Require all granted
</Directory>
<Directory /home/keke/kefeng>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
</VirtualHost>
</IfModule>
5:启动ssl:a2enmod ssl
6:激活站点:a2ensite default-ssl.conf
7:重启apache2
8:301重定向,将www.520pf.cn 跳转到 http://www.520pf.cn,查看/etc/apache2/mods-enabled中的 rewrite.load中是否被注释,将注释打开
RewriteEngine on # 开启rewrite引擎
RewriteCond %{HTTP_HOST} ^www.520pf.cn$ [OR]
RewriteCond %{HTTP_HOST} ^520pf.cn$ [OR]
RewriteRule ^/(.*)$ https://www.520pf.cn/$1 [R=301,L]
服务器部署请参照:https://www.520pf.cn/article/22.html
负载均衡,会话保持请参照:https://www.520pf.cn/article/162.html