SME server configuration solution (Apache + JSERV rectification, etc.)

zhaozj2021-02-11  210

SME server configuration solution (Apache JSERV rectification, etc.)

2001-06-05 12:17

Publisher: NetBull Readings: 102 Tang Haizhen (Submission) Section 3 Apache JServ whole and one, required source package: JDK-1_2_2_006-linux-i386.tar.gz JSDK20-Solaris2-SPARC [1] .tar.z ApachejServ-1.1.2.tar.gz II. Installation Process 1 Ln -s JDK / JRE JRE (3) Set $ ​​java_home, $ classpath vi /root/.bash_profile joining: java_home = / usr / local / jdk export java_home classpath = / usr / local / jdk / lib: / usr / local / JRE / LIB EXPORT CLASSPATH PATH = $ PATH: / USR / local / jdk / bin: / usr / local / jre / bin Note: The installation of JDK is over. 2. Install JSDK (1) TAR ZXVF JSDK20-Solaris2-Sparc [1] .tar.z (2) Move the JSDK2.0 directory to /usr/local/jsdk2.0 MV JSDK2.0 / usr / local / JSDK2.0 Note: The installation of JSDK is over. 3. Apache and Jserv Static Mixed Compile So-called Static Compilation refers to the compilation of JSERV into Apache (1) tar xvzf apache_1.3.12.tar.gz tar xvzf apachejserv-1.1.2.tar.gz (2) CD Apache_1. 3.12 ./configure --prefix = / usr / local / apache (3) Configuring Apache JSERV Compilation Parameters CD ../apachejserv-1.1.2 ./configure --prefix = / usr / local / jserv --with-apache- SRC = .. / Apache_1.3.12 --with-jdk-home = / usr / local / jdk1.2.2 --with-java-platform = 2 --with-jsdk = / usr / local / jsdk2.0 / lib / JSDK.jar make make install (4) Compile Apache and Apache Jserve CD ../apache_1.3.12 ./configure --prefix = / usr / local / apache --activate-module = src / modules / jserv / libjServ.a make Make Install (5) Perform / USR / local / apache / bin / httpd -l Check if mod_jserv compiles to Apache (6) Change Profile /usr/local/apache/conf/httpd.conf Add include / usr / local /jserv/etc/jserv.conf (7) Change Profile /usr/local/jServ/etc/JServ.conf setHandler Jserv-status Order Deny, ALLOW DENY From ALL Add to your trust host allow from xxxx on trust host You can see your Apache JServ configuration information via http: // yourserver / jserv / (note this "/" cannot be less).

Then in / usr / local / jserv / servlets, put your own servlet class experiment, the test results indicate that there is no Chinese display problem in redhat6.2, everything is OK! Other About Servlet Zone, Load Balance, etc. Please refer to the Apache Jserve documentation and java.apache.org website Note: Apache and Jserv hybrid compile to this end Third, the final test: 1. Start Apache: / usr / local / apache / bin / apachectl start 2. Test http:// YourServer / servlets / isitworking in browser to see Yes, ITS WORKING! you made it! ! Section IV LINUX Apache, PHP3, Mysql's Integration First, the required installation package apache_1.3.19.tar.gz php-4.0.4.tar.gz mysql-3.23.32.tar.gz Note: All of the above Code instead of RPM package 2, software installation 1. Install mysql (1) Unpack compression package CD / usr / local tar -zvxf mysql-3.23.32.tar.gz (2) will generate mysql-3.23.32 directory to / usr / local / mysql mv mysql-3.23.32 / usr / local / mysql (3) Compile MYSQL CD / USR / local / mysql ./configure --prefix = / usr / local / mysql make make install (4) Installation Database file / usr / local / mysql / scripts / mysql_install_db / usr / local / mysql / bin / safe_mysqld & (5) mysql authorized operation MySQL's access control technology is powerful, more flexible than Postgres. The encryption algorithm of the username and password used by MySQL is the same as the UNIX system, and its username can be 16 characters long. First log in to MySQL in root, then type grant all privalhost iDentified by 'THJ' with Grant Option at MySQL prompt; in this way, you can use the server from the server from this server regardless of where the user THJ is logged in. Mysql. (6) MYSQL database simple operation statement creates a database command: CREATE DATABASE database name; delete database command: DROP Database database name; Query Mysql What database command: show databases; change the currently used database command: Use tbl_name Create a data sheet Command: CREATE TABLE TBL_NAME (COLUMN_SPECS); Description: TBL_NAME Data Table Name Column_SPECS Table Columns Description Query Structure Command: Describe TBL_NAME; Query Database: Show Tables; Add New Record Command : INSERT INTO TBL_NAME (col_name1, col_name2, ...) VALUES (Values1, Values2, ...) Description: The INSERT statement is easy to use, but it also has a defect, which is only one record.

Batch loading data command: load data local infile "filename.txt" INTO TABLE TBL_NAME "Description: The version of MySQL is not less than 3.22.15, otherwise Load Data Local does not work. This statement is actually called / usr / bin / mysqlimport. Search information command: SELECT To select something from one or more table where data must be met: In MySQL, each time you type a command, you have to type ";", the flag is a command. After you knock back to the car, knock Go, prompt the system to perform the command; in addition, in the reference book about MySQL, the command is uppercase, and it is possible to do it; if there is, the USE statement can not add ";" This is the only one that does not need to be added in all MySQL languages; "can be executed. Note: MYSQL is installed to this end 2. Apache, PHP3 mixed compile (1) Unstaged compression package CD / USR / local tar xvzf apache_1.3.19.tar.gz tar xvzf php-4.0.4.tar.gz mv apache_1 .3.19.tar.gz apache mv PHP-4.0.4.tar.gz php (2) Put Apache installation directory to / usr / local / apache cd apache ./configure --prefix = / usr / local / apache - -with-port = 8000 (3) Configuration supports mysql, as an Apache function module, tracking variables effective cd ../php ./configure --with-mysql = / usr / local / mysql --with- apache = .. / Apache --enable-track-vars -with-pgsql = / usr / lib / pgsql --prefix = / usr / local / apache / php -with-config-file-path = / usr / local / apache / php make make Install Note: Installation of PHP to this end (4) Configure Apache, add PHP4 module cd ../apache cp /usr/local/php/libs/libphp4.a / usr / local / apache / src / modules / php4. / configure --prefix = / usr / local / apache --activate- module = src / modules / php4 / libphp4.a --with-port = 8000 make make install Note: Apache is installed 3. Change configuration (1) Copy the php.ini file to the / usr / local / apache / php directory. Cd ../php cp php.ini-dist /usr/local/apache/php/php4.ini (2) Change Apache's configuration file CD / usr / local / apache / conf vi httpd.conf found AddType Application / X-httpd-php .php4 to delete the # number of its front, of course, can also add a line addtype application / x-httpd-php3 .asp will be convenient to use FrontPage editing.

Final Run / USR / local / apache / bin / apachectl start Start Apache Process Section 5 Add SSL Security Protection & 5.1 Introduction to Secure Sockets Layer of Netscape, Abbreviation SSL. As the name suggests, this is a security protocol built in the Socket layer. It shields the difference between the high-level protocol such as Telnet, FTP, HTTP, which is limited to the transmission. The protocol is currently widely adopted, and many of its defined features have become part of the next generation IP protocol IPv6. & 5.2 Required Resources & 1.2.1 Requirements 1. Apache 1.3.19.tar.gz Download Uxt: http://www.tux.org/pub/net/apache/dist/apache_1.3.17.tar.gz 2 OpenSSL 0.9.6 To generate a key and sign a certificate download URL: http://www.opensl.org/source/openssl-0.9.6.tar.gz 3. MOD_SSL 2.8.0 Download URL: http: //www.modssl.org/source/mod_ssl-2.8.0-1.3.19.tar.gz & 1.2.2 Installation Procedure 1. Compile OpenSSL: CD / USR / LOCAL TAR ZXVF OPENSSL-0.9.6.tar.gz CD /usR/local/openssl-0.9.6 ./config --prefix = / usr / local / openssl # Note that here is config instead of configure. Make Make Test Make Install 2. Compile MOD_SSL CD / USR / Local Tar ZXVF MOD_SSL-2.8.0-1.3.19 CD /USR /R/LOCAL/MOD_SSL-2.8.0-1.3.19 ./configure --with-apache =. ./apache_1.3.19 3. Compile Apache CD / USR / local TAR ZXVF APACHE_1.3.19 CD /USR/LOCAL/APache_1.3.19 SSL_BASE = .. / OpenSSL-0.9.6 ./configure --prefix = / usr / local / Apache_1.3.19 --enable-module = ssl --enable-shared = SSL Make 4. Generate CA Make CERTIFICATE TYPE = Custom Description: This step is to generate your own CA (if you don't know, I can't say, Simply put is the certification center), and use it to sign a certificate for your server.

Step 0: Select algorithm, use default RSA Step 1: Generate Ca.Key, CA's private key Step 2: Generate X.509 authentication requests CA.CSR To enter some information: Country Name: CN country code , Two letters State or Provice Name: bengbu City name Organization Name: Home CA Organization Name, just write Organization Unit Name: Mine Ca Common name: Mine Ca Email address: Sunstorm@263.net My Email Certificate Validity: 4096 more than 4,000 days, enough Step 3: Generate CA's signature, ca.crt Step 4: Generate a private key for the server, Server.Key Step 5: Generates a server authentication request, Server.cs Enter some information, similar to STEP 2, but pay attention to Common name is your site domain name, such as www.mydomain.com Certificate Validity is not too big, 365 can be. STEP 6: Sign for your server, get server.crt Step 7-8 to encrypt your Ca.Key and Server.Key, remember Pass Phrase. The following is completed with the Apache installation make install vi /usr/local/apache/conf/httpd.conf to modify Bindaddress and ServerName If you want to change DocumentRoot, you have to remember the documentroot setting settings in httpd.conf SSL Virtual Host Context section. SSLCERTIFICATEFILE and SSLCERTIFICATKEYFILE are also in the SSL Virtual Host Context section. It may be settled like this: sslcertificatefile /usr/local/apache/conf/ssl.crt/server.crt sslcertificateKeyFile /usR/local/apache_1.3.19/conf/ssl.key/server.key To pay attention to SSL.Key SSL .CRT and other directories and file permissions! All Key, CSR, CRT, and PRM files should be set to 400 properties! & 5.3 Handmade Sign Certificate Although the Make Certificate command has been established with the make certificate command when installing mod_ssl, sometimes you may need to change it. Of course, there are many automatic scripts to implement it, but the most reliable way is to manually sign a certificate. First of all, I assume that OpenSSL and MOD_SSL have been installed. If your OpenSSL installation is set to / usr / local / openssl, add the / usr / local / openssl / bin to the execution file lookup path. There is also a script in the MOD_SSL source code, which in the Pkg.Contrib directory under the MOD_SSL source code tree, the file name is sign.sh. Copy it into / usr / local / openssl / bin. First create a CA certificate, first create an RSA private key for CA, [S-1] openssl genrsa -des3 -out ca.key 1024 system prompts to enter PEM pass phrase, which is password, keep it after entering it. Generate a CA.Key file, change the file attribute to 400, and place it safe place.

[S-2] CHMOD 400 CA.KEY You can use the following command to view its content, [S-3] openssl Rsa -Noout -Text -in Ca.key creates a self-signed CA certificate using the CA's RSA key ( X.509 Structure) [S-4] OpenSSL REQ -NEW -X509 -Days 3650 -key ca.key -out ca.crt then you need to enter the following information: Country name: CN Two letters of the country code State or province name: An Hui Provincial Name Locality Name: Bengbu City Name Organization Name: Family Network Company Name Organizational Unit Name: Home Department Name Common name: chen yang Your name Email address: SunStorm@263.net email address generates a CA.CRT file, file file The attribute is changed to 400 and placed in a safe place. [S-5] CHMOD 400 CA.CRT You can use the following command to view its content, [S-6] openssl x509 -noout -text -in ca.crt Below you want to create a server certificate sign request, first create your Apache An RSA private key: [S-7] OpenSSL Genrsa -Des3 -out Server.Key 1024 here also sets the pass phrase. Generate a server.Key file, change the file attribute to 400, and placed in a safe place. [S-8] CHMOD 400 Server.Key You can use the following command to view its content, [S-9] openssl RSA -NoOut -Text -in Server.Key uses Server.Key generation certificate sign request CSR. [S-10 ] OpenSSL Req -new -key Server.Key -out Server.csR This is also necessary to enter some information, and similar in [S-4]. As for Extra Attributes without input. You can view the details of the CSR [S-11] openssl Req -noout -Text -in Server.csr The following can be signed, you need to use the script sign.sh [S-12] Sign.sh Server.csr to get Server .CRT. Change the file attribute to 400 and placed in a safe place. [S-13] CHMOD 400 Server.CRT Delete CSR [S-14] RM Server.csr Last Apache Setup If your Apache compile parameters prefix is ​​/ usr / local / apache, copy server.crt and server.key to / USR / local / apache / confation httpd.conf will change the following parameters to: sslcertificatefile /usr/local/apache/conf/server.crt sslcertificateKeyFile /usr/local/apache/conf/server.Key can be apachectl startssl trial .

转载请注明原文地址:https://www.9cbs.com/read-3596.html

New Post(0)