First, Apache2 under Ubuntu
1. Install Apache2
sudo apt-get install apache2
– The default site is in /var/www/
– The configuration file is in /etc/apache2/
– The log is in /var/log/apache/
– The startup script is /etc/init.d/apache2
2. Files and files under etc/apache2
apache2.conf:The main configuration file for Apache, including the global configuration.
envvars:Apache2 environment variable settings.
ports.conf:Configure the port that Apache listens on.
mods-available:This directory contains module and module configuration files. Not all modules have configuration files.
mods-enabled:Hold a link to the file in the /etc/apache2/mods-available directory. When there is a module file and its configuration file in the directory, the module will take effect after Apache restarts.
sites-available:This directory contains the configuration files for the Apache virtual host. Virtual hosts allow Apache to configure multiple sites and configure different parameters for each site. When configured in the back, the http redirected http port will be configured as https of 443.
sites-enabled:Hold a link to the file in the /etc/apache2/sites-available directory. When Apache restarts, the sites contained in this directory will be activated.
3.SSL configuration
Install openssl
sudo apt-get install openssl
Enable the ssl module
sudo a2enmod ssl
If invalid, enter the following two commands
sudo ln -s /etc/apache2/mods-available/ssl.load /etc/apache2/mods-enabled/ssl.load sudo ln -s /etc/apache2/mods-available/ssl.conf /etc/apache2/mods-enabled/ssl.conf
Obtain a certificate
Apply for a free certificate from Tencent Cloud or Alibaba Cloud
Tencent Cloud:https://console.qcloud.com/ssl
Aliyun:https://help.aliyun.com/document_detail/28548.html
There will be 3 files
1_root_bundle.crt
2_xxx.crt
3_xxx.key
Second, Configuring HTTPS (SSL)
1.Go to /etc/apache2/ports.conf
Check if there is
Listen 80 Listen 443
If not, add it
2.Configuring the ssl virtual site
After the above installation, a default default-ssl file will be generated in the /etc/apache2/sites-available/ directory. The default web directory is still /var/www/. We can create a link to the site-enabled directory.
sudo ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/001-ssl
If you don’t want to use a soft link, you can copy default-ssl.conf from sites-available to sites-enabled (representing the enabled configuration) and then modify default-ssl.conf
SSLCertificateFile SSLCertificateKeyFile SSLCertificateChainFile
Configured as
SSLCertificateFile ***/2_xxx.crt SSLCertificateKeyFile ***/3_xxx.key SSLCertificateChainFile ***/1_root_bundle.crt
Restart apache, you should already be able to access https
sudo service apache2 restart
Three, Set http redirect to https
1.Start redirect
Start rewrite mod
sudo a2enmod rewrite or sudo ln -s /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled/rewrite.load
2.Set http port redirection
Open /etc/apache2/sites-available/000-default.conf ,
Add the following three lines in one place in the <\VirtualHost *:80><\VirtualHost> tag.
RewriteEngine on RewriteCond %{HTTPS} !=on RewriteRule ^(.*) https://%{SERVER_NAME}$1 [L,R=301]
Or create a new .htaccess input in the website directory.
RewriteEngine on RewriteBase / RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.* https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
3.Last restart
sudo service apache2 restart
If you use WordPress,
Need to be modified in the settings tohttps://www