电脑技术学习

apache+mysql+php+ssl服务器之完全安装攻略

dn001
服务器,并以启用SSL的选项重启它。
# /usr/local/apache/bin/apachectl stop
# /usr/local/apache/bin/apachectl startssl

测试它是否工作:通过用一个Netscape与服务器连接并且选择https协议,即:https://youserver.yourdomain.comhttp://yoursever.yourdomain.com:443 ,也可以再试一下你的服务器的 ip地址,即:https://xxx.xxx.xxx.xxxhttp://xxx.xxx.xxx.xxx:443

如果它起作用了,服务器将把证书发送到浏览器以建立一个安全连接。这将让浏览器提示你接受自己签署的证书。,如果它是来自VeriSign或Thawte的一张证书,那么浏览器将不提示你,因为证书来自一个可信的证书授权机构(CA)。在我们的情况中,我们创建并签署我们自己的证书……我们不想马上买一个。首先,我们想要保证我们能使一切正常。

你在Netscape中将看见启用了下列选项。这就告诉你一个安全的连接已经建立起来了。


PHP和MySQL能一起工作吗??

现在,我们可以确定php能与MySQL一起工作,通过创建一个简单的脚本,对“test2数据库做一些插入和数据删除操作。只是一个简单的脚本以测试它是否工作了。在另一篇文章中我们将讨论PHP脚本连接一个 MySQL数据库。还记得我们已经创建立了数据库和一张表。我们可以现在完成它,但是我选择不。我想要再检查一次root有权限创建立数据库和表,然而,PHP提供了对MySQL的提供,因此我能很容易地编写代码以创建一个测试数据库和若干条记录。

记得我们以前创建了书籍数据库。如果你跳过了以前的内容,这部分将不工作。我们创建了有一个“books表的test2数据库,并且为一本书插入了一条记录。

这个脚本基本上浏览该表并列出所有字段名,它的确很简单。

< ?
$dbuser = "root"
$dbhost = "localhost"
$dbpass = "password"
$dbname = "test2"
$dbtble = "books"
$mysql_link = mysql_connect($dbhost,$dbuser,$dbpass);
$column = mysql_list_fields($dbname,$dbtble,$mysql_link);
for($i=0; $i< mysql_num_fields($column); $i++ )
{
print mysql_field_name($column,$i )."< br> "
}
?>

一个更复杂的例子将向你演示PHP某些绝妙的功能。

< html>
< head>
< title> Example 2 -- more details< /title>
< /head>
< body bgcolor="white">
< ?
$dbuser = "root"
$dbhost = "localhost"
$dbpass = "password"
$dbname = "test2"
$dbtable = "books"
//------ DATABASE CONNECTION -------//
$mysql_link = mysql_connect($dbhost,$dbuser,$dbpass);
$column = mysql_list_fields($dbname,$dbtable,$mysql_link);
$sql = "SELECT * FROM $dbtable"
$result = mysql_db_query($dbname,$sql);
?>
< table bgcolor="black">
< tr> < td>
< table>
< /td> < /tr>
< /table>

< /body>
< /html>

注意,我们竟能在同一文件中同时有HTML和PHP命令。这就是PHP脚本的奇妙之处。


虚拟主机的设置

现在是设置Apache处理一些虚拟主机的时间了。由于Apache提供的灵活性,虚拟主机可很简单地做到。首先你需要一个DNS服务器把虚拟主机的域名指向web服务器的IP地址。在DNS使用一个CNAME记录把 your_virtual_domain.com指向服务器的IP。其次你需要修改Apache的配置文件httpd.conf以增加新的虚拟域名。记住,这只是一个很基本的例子,你有勇气读一下Apache的指令。

让我们看一个 httpd.conf 的例子。

httpd.conf 片断

#--------------------------------------------------------#
# VIRTUAL HOST SECTION NON-SSL
#--------------------------------------------------------#
# VirtualHost directive allows you to specify another virtual
# domain on your server. Most Apache options can be specified
# within this section.

# Mail to this address on errors
ServerAdmin webmaster@domain1.com

# Where documents are kept in the virtual domain
# this is an absolute path. So you may want to put
# in a location where the owner can get to it.
DocumentRoot /home/vhosts/domain1.com/www/

# Since we will use PHP to create basically
# all our file we put a directive to the Index file.
DirectoryIndex index.php

# Name of the server
ServerName www.domain1.com

# Log files Relative to ServerRoot option
ErrorLog logs/domain1.com-error_log
TransferLog logs/domain1.com-access_log
RefererLog logs/domain1.com-referer_log
AgentLog logs/domain1.com-agent_log

# Use CGI scripts in this domain. In the next case you
# can see that it does not have CGI scripts. Please
# read up on the security issues relating to CGI-scripting.
ScriptAlias /cgi-bin/ /var/www/cgi-bin/domain1.com/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl

# This is another domain. Note that you could host
# multiple domains this way...

# Mail to this address on errors
ServerAdmin webmaster@domain2.com

# Where documents are kept in the virtual domain
DocumentRoot /virtual/domain2.com/www/html

# Name of the server
ServerName www.domain2.com

# Log files Relative to ServerRoot option
ErrorLog logs/domain2.com-error_log
TransferLog logs/domain2.com-access_log
RefererLog logs/domain2.com-referer_log
AgentLog logs/domain2.com-agent_log

# No CGI's for this host

# End: virtual host section

使用上述例子在你的服务器上创建你自己的虚拟主机。如果你想从Apache网站上阅读每一条指令,它的网址是:http://www.apache.org


SSL虚拟主机

创建SSL虚拟主机类似非SSL。除了你需要指定另外的指令,还有,你需要增加一个DNS记录并且修改 httpd.conf。这里有一个例子。

#--------------------------------------------#
# SSL Virtual Host Context
#--------------------------------------------#

# General setup for the virtual host
DocumentRoot /usr/local/apache/htdocs
ServerAdmin webmaster@securedomain1.com
ServerName www.securedomain1.com
ErrorLoglogs/domain1.com-error_log
TransferLog logs/domain1.com-transfer_log

# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on

# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A test
# certificate can be generated with `make certificate' under
# built time. Keep in mind that if you've both a RSA and a DSA
# certificate you can configure both in parallel (to also allow
# the use of DSA ciphers, etc.)
# Note that I keep my certificate files located in a central
# location. You could change this if you are an ISP,;or;ASP.

SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt

# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)

SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key

# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /usr/local/apache/logs/ssl_request_log

"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"

记住你有很多指令可以指定。我们将在另一篇有关配置Apache的文章中讨论,本文只是一个入门性指南。