hamaのページ
hamaのページ
 

apache2 Solaris

apache2の起動

bash-3.00# cd /etc/apache2
bash-3.00# cp httpd.conf-example httpd.conf
bash-3.00# cd /var/run
bash-3.00# mkdir apache2
bash-3.00# svcadm enable apache2
bash-3.00# svcs -l apache2
fmri         svc:/network/http:apache2
name         Apache 2 HTTP server
有効         true
状態         online
next_state   none
state_time   2007年05月17日 (木) 00時25分39秒
logfile      /var/svc/log/network-http:apache2.log
リスタータ   svc:/system/svc/restarter:default
contract_id  323
dependency   require_all/error svc:/milestone/network:default (online)
dependency   require_all/none svc:/system/filesystem/local:default (online)
dependency   optional_all/error svc:/system/filesystem/autofs:default (online)

自己証明書の作成

bash-3.00# cd /etc/apache2
bash-3.00# mkdir ssl.key ssl.crt
bash-3.00# /usr/sfw/bin/openssl genrsa -out /etc/apache2/ssl.key/server.key 1024
Generating RSA private key, 1024 bit long modulus
........................++++++
........++++++
e is 65537 (0x10001)


bash-3.00# /usr/sfw/bin/openssl req -new -days 365  -key/etc/apache2/ssl.key/server.key -out /etc/apache2/ssl.crt/server.csr
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:JP
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Unconfigured OpenSSL Installation]:Hama
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:192.168.1.104
Email Address []:

Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password []:
An optional company name []:


#svccfg
svc:> select apache2
svc:/network/http:apache2> editprop

とし、viで編集する。
以下の行の#を外し、falseをtrueに変更。 

# setprop httpd/ssl = boolean: (false) 
→setprop httpd/ssl = boolean: (true)


svc:/network/http:apache2>quit

SMFに変更を反映

#svcadm refresh apache2
#svcadm disable apache2
#svcadm enable apache2

以上で、SSLでも通信が可能になった。