Debian Linux Apache2 HTTPS/SSL + SVN 配置

作者:reistlin 发布时间:March 23, 2011 分类:原创文章

作者: reistlin
来源: http://www.reistlin.com/blog/197
更新时间: 2009.12
版权声明: 原创文章.转载请保留作者信息和原文完整.谢绝任何方式的摘要

debian.gif

一,环境:

Debian Liunx(5.x / 6.x) + apache2(2.2.16)+ HTTPS/SSL + Subversion(1.6.12)

二,配置:

1,安装 apache2,openssl

reistlin:~# apt-get install apache2 openssl

2,创建 ssl 目录,用于存放 ssl pem 证书文件

reistlin:~# mkdir -p /etc/apache2/ssl

3,创建 ssl 证书(svn.pem),保存到 ssl 目录(/etc/apache2/ssl)

-days 365 证书有效时间为一年,可根据需求自定义。

reistlin:~# RANDFILE=/dev/random openssl req $@ -new -x509 -days 365 -nodes \
-out /etc/apache2/ssl/svn.pem \
-keyout /etc/apache2/ssl/svn.pem

4,配置 ssl 证书(svn.pem),包括国家名,州(省),市,组织,姓名,E-mail地址

Generating a 1024 bit RSA private key
.......++++++
........++++++
writing new private key to ''/etc/apache2/ssl/svn.pem''
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ''.'', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:GD
Locality Name (eg, city) []:GZ
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Reistlin.com
Organizational Unit Name (eg, section) []:Reistlin.com
Common Name (eg, YOUR name) []:reistlin
Email Address []:admin@reistlin.com

5,证书创建完成后,配置证书 root 权限(重要!)

reistlin:~# chmod 600 /etc/apache2/ssl/svn.pem

6,创建 apache2 svn ssl 配置文件

reistlin:~# vim /etc/apache2/sites-available/svn

配置启用 SSL Engine,指定 /etc/apache2/ssl/svn.pem 配置文件路径

SSLEngine On
SSLCertificateFile /etc/apache2/ssl/svn.pem

配置启用 apache2 日志 svn_error.logsvn_access.log

<VirtualHost *:443>
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/svn.pem
 
        ServerAdmin webmaster@localhost
 
        DocumentRoot /var/www
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
 
        ErrorLog ${APACHE_LOG_DIR}/svn_error.log
 
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
 
        CustomLog ${APACHE_LOG_DIR}/svn_access.log combined
</VirtualHost>

7,启用 apache2 svn ssl 配置(a2ensite),启用 apache2 ssl mod(a2enmod)

reistlin:~# cd /etc/apache2/sites-available
 
reistlin:~# a2ensite svn
Enabling site svn.
Run ''/etc/init.d/apache2 reload'' to activate new configuration!
 
reistlin:~# a2enmod ssl
Module ssl enabled

8,配置完成,重新启动 apache2 服务

reistlin:~# /etc/init.d/apache2 restart

svn_https.gif

三,相关信息:

Debian Linux Apache2 + SVN 配置
[http://www.reistlin.com/blog/195]

标签: debian, linux, apache, svn

评论已关闭