Providing Apache HTTPD Web Service - Virtual Host Configuration

########## INSTALL AND CONFIGURE BASIC WEBSITE ###########
INSTALL PACKAGE:-
[root@Server /]# yum install httpd httpd-manual
FIREWALL CONFIGURATION:-
[root@Server /]# firewall-cmd --permanent --add-service=http

[root@Server /]# firewall-cmd --permanent --add-service=https
[root@Server /]# firewall-cmd --reload
[root@Server /]# systemctl enable httpd.service

[root@Server /]# systemctl restart httpd.service
[root@Server /]# vim /var/www/html/index.html

This is a Test Page !!!
http://192.168.110.30/index.html
HTTP CONFIGURATION:-
[root@Server /]# vim /etc/httpd/conf/httpd.conf
########## CONFIGURE A VIRTUAL HOSTS #############
INSTALL PACKAGE:-
[root@Server /]# yum install httpd httpd-manual
SETUP A VIRTUAL HOST:-
CREATE Content directories.
[root@Server /]# mkdir -p /WebSites/{Site1,Site2}/www
CREATE index.html file for each Site.
[root@Server /]# vim /WebSites/Site1/www/index.html

This is WebSite1 !!!
[root@Server /]# vim /WebSites/Site2/www/index.html

SELinux CONFIGURATION:-
[root@Server /]# yum install policycoreutils-python-2.5-11.el7_3.x86_64
[root@Server ~]# ls -lZ /var/www/html/

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html
[root@Server /]# semanage fcontext -a -t httpd_sys_content_t '/WebSites/.*)?'
[root@Server /]# restorecon -Rv /WebSites/

[root@Server ~]# semanage fcontext -a -t httpd_sys_content_t "/WebSites(/.*)?"
[root@Server ~]# restorecon -Rv /WebSites/
[root@Server ~]# ls -lZ /WebSites/

drwxr-xr-x. root root unconfined_u:object_r:httpd_sys_content_t:s0 Site1
[root@Server ~]# cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf

/etc/httpd/conf.d/vhost1.conf
CONFIGURE 1ST VHOST:-
[root@Server ~]# vim /etc/httpd/conf.d/vhost1.conf
<VirtualHost *:80>
ServerAdmin root@site1.oit..com
DocumentRoot "/WebSites/Site1/www"
ServerName site1.oit.com
ServerAlias www.site1.oit.com
ErrorLog "/var/log/httpd/site1.oit.com-error_log"
CustomLog "/var/log/httpd/site1.oit.com-access_log" combined
<Directory "/WebSites/Site1/www">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
[root@Server ~]# systemctl restart httpd.service

[root@Server ~]# systemctl enable httpd.service
CONFIGURE 2ND VHOST:-
<VirtualHost *:80>
ServerAdmin root@site2.oit.com
DocumentRoot "/WebSites/Site2/www/"
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
[root@Server ~]# systemctl restart httpd.service

[root@Server ~]# systemctl enable httpd.service
Access Site:-
[root@Client /]# curl site1.oit.com

[root@Client /]# curl site2.oit.com
############# CONFIGURE TLS ENABLED VIRTUAL HOSTS ##################
FIREWALL CONFIGURATION:-
[root@Server ~]# firewall-cmd --add-service=https

[root@Server ~]# firewall-cmd --reload
INSTALL GENKEY PACKAGE:-
[root@Server ~]# yum install crypto-utils mod_ssl

-----------------------------------------------------------------------------------
GENARATE SSL CERTIFICATE:-
You are now generating a new keypair which will be used to encrypt all SSL traffic
to the server named site3.oit.com.
The key will be stored in

/etc/pki/tls/private/site3.oit.com.key
The certificate stored in
/etc/pki/tls/certs/site3.oit.com.crt
Press NEXT>
Choose the size of your key.

2048 (medium-security, medium speed) [RECOMMENDED]
Press NEXT>
Generating random bits

(this may take some time)
NEXT>
Generate CSR
Would you like to send a Certificate Request (CSR) to a Certificate Authority (CA)?
NO Encripting the Kry:-
NEXT>
Enter details for your certificate

Country Name (ISO 2 letter code) LK
Common Name (fully qualified domain name) site3.oit.com
NEXT>
A copy of this CSR has been saved in the file

/etc/pki/tls/certs/site3.oit.com.0.csr
[root@Server /]# openssl req -newkey rsa:2048 -keyout

/etc/pki/tls/private/site3.oit.com.key -nodes -x509 -days 365 -out
/etc/pki/tls/certs/site3.oit.com.crt
[root@Server /]# ls -la /etc/pki/tls/certs/site3.oit.com.crt

-rw-r--r--. 1 root root 1391 May 11 16:12 /etc/pki/tls/certs/site3.oit.com.crt
-----------------------------------------------------------------------------------
-
[root@Server ~]# mkdir -p /WebSites/Site3/www

[root@Server ~]# vim /WebSites/Site3/www/index.html
This is a TLS enabled WebSite3 !!!
[root@Server ~]# ls -lZ /WebSites/


CONFIGURE 3RD VHOST:-
[root@Server ~]# vim /etc/httpd/conf.d/vhost3.conf
<VirtualHost *:443>
ServerAdmin root@sitei3.oit.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
SSLEngine on
SSLProtocol all -SSLv2 -SSLV3
SSLCipherSuite HIGH:MEDIUM:!aNull:!MD5
SSLHonorCipherOrder on
SSLCertificateFile /etc/pki/tls/certs/site3.oit.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/site3.oit.com.key
DocumentRoot "/WebSites/Site3/www/"
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
[root@Client /]# curl --insecure https://site3.oit.com

This is a TLS enabled WebSite3 !!!
REF:-
https://www.lisenet.com/2016/advanced-apache-configuration-with-selinux-on-rhel-7/
https://www.rootusers.com/how-to-configure-tls-security-in-apache/

Providing Apache HTTPD Web Service - Virtual Host Configuration

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Providing Apache HTTPD Web Service - Virtual Host Configuration

Transféré par

Droits d'auteur :

Formats disponibles

########## INSTALL AND CONFIGURE BASIC WEBSITE ###########

[root@Server /]# yum install httpd httpd-manual

[root@Server /]# firewall-cmd --permanent --add-service=http

[root@Server /]# systemctl enable httpd.service

[root@Server /]# vim /var/www/html/index.html

[root@Server /]# systemctl restart httpd.service

[root@Server /]# vim /etc/httpd/conf/httpd.conf

########## CONFIGURE A VIRTUAL HOSTS #############

[root@Server /]# yum install httpd httpd-manual

SETUP A VIRTUAL HOST:-

CREATE Content directories.

[root@Server /]# mkdir -p /WebSites/{Site1,Site2}/www

CREATE index.html file for each Site.

[root@Server /]# vim /WebSites/Site1/www/index.html

[root@Server /]# vim /WebSites/Site2/www/index.html

[root@Server /]# yum install policycoreutils-python-2.5-11.el7_3.x86_64

[root@Server ~]# ls -lZ /var/www/html/

[root@Server /]# semanage fcontext -a -t httpd_sys_content_t '/WebSites/.*)?'

[root@Server /]# restorecon -Rv /WebSites/

[root@Server ~]# ls -lZ /WebSites/

[root@Server ~]# cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf

CONFIGURE 1ST VHOST:-

[root@Server ~]# vim /etc/httpd/conf.d/vhost1.conf

[root@Server ~]# systemctl restart httpd.service

CONFIGURE 2ND VHOST:-

[root@Server ~]# systemctl restart httpd.service

[root@Client /]# curl site1.oit.com

[root@Server ~]# firewall-cmd --add-service=https

INSTALL GENKEY PACKAGE:-

[root@Server ~]# yum install crypto-utils mod_ssl

The key will be stored in

Choose the size of your key.

Generating random bits

Enter details for your certificate

A copy of this CSR has been saved in the file

[root@Server /]# openssl req -newkey rsa:2048 -keyout

[root@Server /]# ls -la /etc/pki/tls/certs/site3.oit.com.crt

[root@Server ~]# mkdir -p /WebSites/Site3/www

[root@Server ~]# ls -lZ /WebSites/

[root@Server ~]# cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf

CONFIGURE 3RD VHOST:-

[root@Server ~]# vim /etc/httpd/conf.d/vhost3.conf

[root@Server /]# systemctl restart httpd.service

[root@Client /]# curl --insecure https://site3.oit.com

Vous aimerez peut-être aussi