1、首先要確認安裝了 mod_ssl模塊

我的機器是centos是系統，執行下面命令

yum install -y mod_ssl

2、用openssl工具生成密鑰，證書請求文件，證書

在/usr/local/httpd目下，執行以下命令。

2.1生成密鑰

openssl genrsa 1024 > server.key

說明：這是用128位rsa算法生成密鑰，得到server.key文件

2.2生成證書請求文件

openssl req -new -out server.csr

說明：這是用步驟1的密鑰生成證書請求文件server.csr, 這一步提很多問題，一一輸入

2.3生成證書

命令：openssl req -x509 -days 365 -key server.key -in server.csr > server.crt

說明：這是用步驟1,2的的密鑰和證書請求生成證書server.crt，-days參數指明證書有效期，單位為天

3、 配置apache

修改httpd.conf

LoadModule ssl_module /usr/lib64/httpd/modules/mod_ssl.so

Include conf/extra/httpd-ssl.conf

修改httpd-ssl.conf

添加虛擬主機：

Listen 443NameVirtualHost *:443<VirtualHost *:443>

# General setup for the virtual hostDocumentRoot "/usr/local/httpd/htdocs/ssl"ServerName ssl.baishiz.com:443ServerAdmin you@example.comErrorLog "/usr/local/httpd/logs/error_log"TransferLog "/usr/local/httpd/logs/access_log"

SSLEngine onSSLPRotocol all -SSLv2SSLCipherSuite HIGH:MEDIUM:!aNULL:!md5

SSLCertificateFile "/usr/local/httpd/server.crt"SSLCertificateKeyFile "/usr/local/httpd/server.key"

<FilesMatch "/.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars</FilesMatch><Directory "/usr/local/httpd/cgi-bin"> SSLOptions +StdEnvVars</Directory>BrowserMatch "MSIE [2-5]" / nokeepalive ssl-unclean-shutdown / downgrade-1.0 force-response-1.0CustomLog "/usr/local/httpd/logs/ssl_request_log" / "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x /"%r/" %b"

</VirtualHost>