安装完qmailadmin访问https://yourdomain.net/cgi-bin/qmailadmin时不支持https
1.修改/etc/httpd/conf/httpd.conf
添加listen 443
2.配置支持https
(1)安装httpd支持ssl模块(httpd是yum安装的)
yum install mod_ssl -y
(2)自建CA
#cd /etc/pki/CA
# (umask 077; openssl genrsa -out private/cakey.pem 2048)
#openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
(3)生成私钥
cd /etc/httpd/conf/
mkdir ssl
cd ssl
(umask 077; openssl genrsa -out httpd.key 1024)
(4)生成证书申请
1openssl req -new -key httpd.key -out httpd.csr
(5)ca签署证书
1openssl ca -in httpd.csr -out httpd.crt -days 365
报错:Error opening CA private key ../../CA/private/cakey.pem
解决:第(3)、(4)点应进入cd /etc/pki/CA;mkdir ssl;cd ssl;再copy生成的httpd.crt httpd.csr httpd.key三个文件到/etc/httpd/conf/的ssl目录
(6)修改httpd的ssl配置文件
vi /etc/httpd/conf.d/ssl.conf
DocumentRoot "/www/web1"
ServerName www.lyd.com
SSLCertificateFile /etc/httpd/conf/ssl/httpd.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/httpd.key
(7)将ca证书导入到客户端可信任证书服务器,并验证
转载于:https://blog.51cto.com/dragonball/1349758