Debian Linux Apache2 HTTPS/SSL + SVN 配置
作者: reistlin
来源: http://www.reistlin.com/blog/197
更新时间: 2009.12
版权声明: 原创文章.转载请保留作者信息和原文完整.谢绝任何方式的摘要
一,环境:
Debian Liunx(5.x / 6.x) + apache2(2.2.16)+ HTTPS/SSL + Subversion(1.6.12)
二,配置:
1,安装 apache2,openssl
reistlin:~# apt-get install apache2 openssl
2,创建 ssl 目录,用于存放 ssl pem 证书文件
reistlin:~# mkdir -p /etc/apache2/ssl
3,创建 ssl 证书(svn.pem),保存到 ssl 目录(/etc/apache2/ssl)
-days 365 证书有效时间为一年,可根据需求自定义。
reistlin:~# RANDFILE=/dev/random openssl req $@ -new -x509 -days 365 -nodes \ -out /etc/apache2/ssl/svn.pem \ -keyout /etc/apache2/ssl/svn.pem
4,配置 ssl 证书(svn.pem),包括国家名,州(省),市,组织,姓名,E-mail地址
Generating a 1024 bit RSA private key .......++++++ ........++++++ writing new private key to ''/etc/apache2/ssl/svn.pem'' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ''.'', the field will be left blank. ----- Country Name (2 letter code) [AU]:CN State or Province Name (full name) [Some-State]:GD Locality Name (eg, city) []:GZ Organization Name (eg, company) [Internet Widgits Pty Ltd]:Reistlin.com Organizational Unit Name (eg, section) []:Reistlin.com Common Name (eg, YOUR name) []:reistlin Email Address []:admin@reistlin.com
5,证书创建完成后,配置证书 root 权限(重要!)
reistlin:~# chmod 600 /etc/apache2/ssl/svn.pem
6,创建 apache2 svn ssl 配置文件
reistlin:~# vim /etc/apache2/sites-available/svn
配置启用 SSL Engine,指定 /etc/apache2/ssl/svn.pem 配置文件路径
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/svn.pem
配置启用 apache2 日志 svn_error.log 和 svn_access.log
<VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/apache2/ssl/svn.pem ServerAdmin webmaster@localhost DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/svn_error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/svn_access.log combined </VirtualHost>
7,启用 apache2 svn ssl 配置(a2ensite),启用 apache2 ssl mod(a2enmod)
reistlin:~# cd /etc/apache2/sites-available reistlin:~# a2ensite svn Enabling site svn. Run ''/etc/init.d/apache2 reload'' to activate new configuration! reistlin:~# a2enmod ssl Module ssl enabled
8,配置完成,重新启动 apache2 服务
reistlin:~# /etc/init.d/apache2 restart
三,相关信息:
Debian Linux Apache2 + SVN 配置
[http://www.reistlin.com/blog/195]