apache下https配置以及http强制转发到https下

March 19, 2019

703views

1320 words

# apache下https配置以及http强制转发到https下
## 有关ssl证书的申请请看我这篇文章
[配置免费ssl证书LetEncrypt，开启全民https时代](https://www.jianshu.com/p/6e2f89711b02)
## 确保apache安装了ssl模块
```
yum install mod_ssl
```
## 打开/etc/httpd/conf.d/ssl.conf
```
SSLCertificateFile /root/.acme.sh/www.exmple.com/www.exmple.com.cer
SSLCertificateKeyFile /root/.acme.sh/www.exmple.com/www.exmple.com.key
SSLCACertificateFile /root/.acme.sh/www.exmple.com/ca.cer
DocumentRoot "/var/www/html"
ServerName www.example.com:443
```
保存，重启httpd
```
systemctl restart httpd
```
不出意外的话可以通过https访问了
## 开启强制https访问
```
vi /etc/httpd/conf/httpd.conf
```
找到
```
Include conf.modules.d/*.conf
```
在下一行添加
```
LoadModule rewrite_module modules/mod_rewrite.so
```
全文查找.htaccess找到
```
Options Indexes FollowSymLinks
    # 
    #  AllowOverride controls what directives may be placed in .htaccess files.
    #  It can be "All", "None", or any combination of the keywords:
    #  Options FileInfo AuthConfig Limit
    # 
    AllowOverride None
```
将AllowOverride None改为AllowOverride all
然后进入网站根目录
```
cd /usr/www/html
```
新建.htaccess文件
```
vi .htaccess
```
添加如下内容:
```
<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteCond %{REQUEST_URI} !^/tz.php
    RewriteRule (.*) https://%{SERVER_NAME}/$1 [R]
</IfModule>
```
重启httpd

Last modification：June 11th, 2020 at 06:31 pm