Apache2 + SSL + PHP5

| | Comments (0)

據說 Apache 2.0 的效能較好, 一些常用的 Module, 已經內含, 很方便.
wget http://ftp.cis.nctu.edu.tw/data/UNIX/apache/httpd/httpd-2.0.54.tar.gz
wget http://tw.php.net/get/php-5.0.5.tar.bz2/from/tw.php.net/mirror
tar zxf httpd-2.0.54.tar.gz
tar jxf php-5.0.5.tar.bz2
cd httpd-2.0.54 (Apache2)
./configure --prefix=/usr/local/apache --sysconfdir=/usr/local/apache/conf \
     --enable-module=so \
     --enable-ssl --enable-rewrite --enable-proxy
make install
cd ../php-5.0.5 (PHP5)
./configure --with-mysql --with-apxs2=/usr/local/apache/bin/apxs \
     --enable-module=so --with-config-file-path=/usr/local/etc \
     --libexecdir=/usr/local/apache/libexec --with-iconv \
     --with-gd --with-zlib --with-jpeg-dir
cp .libs/libphp5.so /usr/local/apache/modules (把 PHP5 modules copy 到 Apache modules 目錄下)
參考 How can I create and use my own Certificate Authority (CA)?
cd /usr/local/apache/conf
openssl genrsa -out server.key
(若要 Apache 啟動時不需密碼, 就不要加 -des3, 若有加 -des3 後, 最後要調整為不要密碼, 可參考 How to remove a pass phrase?)
openssl req -new -key server.key -out server.csr
openssl genrsa -out ca.key
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
./sign.sh server.csr (sign.sh 在 modssl tar ball 內 pkg.contrib 目錄可以找到)
chmod 400 server.*
mv server.crt ssl.crt
mv server.key ssl.key
若覺得上述步驟太麻煩, 也可以這樣來產生自簽 Key
openssl req -new -x509 -nodes -out ssl.crt/server.crt -keyout ssl.key/server.key -days 3650
設定 httpd.conf
LoadModule php5_module modules/libphp5.so
DirectoryIndex index.html index.htm index.php (在 DirectoryIndex 該行後加上 index.php)
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
啟動 /usr/local/apache/bin/apachectl startssl

Leave a comment



January 2010

Sun Mon Tue Wed Thu Fri Sat
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30

About this Entry

This page contains a single entry by Pank published on September 12, 2005 11:55 AM.

HiNet 連不上 Google was the previous entry in this blog.

PDF to DOC by using Microsoft Office Document Image Writer is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.