在Ubuntu系统中配置PHP以使用SSL证书,通常涉及以下几个步骤:
安装SSL证书:
安装和配置Web服务器:
安装Apache(如果尚未安装):
sudo apt update
sudo apt install apache2
启用SSL模块:
sudo a2enmod ssl
重启Apache:
sudo systemctl restart apache2
配置SSL证书:
sudo nano /etc/apache2/sites-available/default-ssl.conf
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCACertificateFile /etc/letsencrypt/chain.pem
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
启用SSL站点:
sudo a2ensite default-ssl
重启Apache:
sudo systemctl restart apache2
安装Nginx(如果尚未安装):
sudo apt update
sudo apt install nginx
配置SSL证书:
sudo nano /etc/nginx/sites-available/default
server {
listen 443 ssl;
server_name yourdomain.com www.yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
ssl_prefer_server_ciphers on;
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # 根据你的PHP版本调整
}
location ~ /\.ht {
deny all;
}
}
重启Nginx:
sudo systemctl restart nginx
测试SSL配置:
确保PHP脚本能够正确处理SSL请求。你可以通过创建一个简单的PHP文件来测试:
<?php
if ($_SERVER['HTTPS'] != "on") {
header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit;
}
echo "SSL is working!";
?>
将这个文件放在你的Web服务器的根目录下,然后通过浏览器访问它。如果看到“SSL is working!”的消息,说明你的PHP配置正确。
通过以上步骤,你应该能够在Ubuntu系统中成功配置PHP以使用SSL证书。
辰迅云「云服务器」,即开即用、新一代英特尔至强铂金CPU、三副本存储NVMe SSD云盘,价格低至29元/月。点击查看>>
推荐阅读: ubuntu中appimage安装的步骤是什么