http://www.zend.com/tips/tips.php?id=152&single=1
http://www.linuxhelp.net/guides/apachessl/
http://www.moph.go.th/helpdesk/squid/linux-01.php
http://nuke.thaihealth.net/article86.html
*** http://www.linux-sxs.org/internet_serving/apache2.html ละเอียดชัดเจน
http://bloggang.com/mainblog.php?id=naigod&month=07-12-2005&group=4&blog=1
http://itweb.lib.ru.ac.th/webboard/00193.html
http://www.witty.net/books/apache.html
*** http://forum.modoeye.com/module30-32.html (สุดยอดจริง ๆ )
http://www.ca.tot.co.th/knowledge_ssl.html (ความหมายไม่ยาว)
http://thaicert.nectec.or.th/paper/unix_linux/apache_chklist.php (เป็นเพียง check list)
http://www.acisonline.net/article_prinya_eweek_151147.htm (ช่องโหว่ของ SSL)
http://www.phpconcept.com/index.php?option=content&task=view&id=12&Itemid=28 (ติดตั้งหลายอย่าง)
http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x246.html
http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x195.html
http://www.stanton.dtcc.edu/stanton/cs/admin/notes/ssl/
*** http://www.madboa.com/geek/openssl/
http://bruno.vernay.free.fr/wp/index.php?tag=fedora
http://www.joreybump.com/code/howto/smtpauth.html (SSL for SMTP)
http://silas.psfc.mit.edu/tp41FC4.html (Thinkpad และ Fedora Core 4)
http://fedorasrv.com/postfix-tls.shtml
http://www.esensualstudios.com/linux.php
http://www.shitomi.jp/server/apache.html
http://www.macmil.co.jp/macmil/linux017.htm (core 3 และ core 4)
http://www.trdlo.cz/webserver.php
http://www.scalix.com/community/viewtopic.php?t=1634
*** http://fedoracore4.com/SSLv-domain.php
http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html
http://www.tc.umn.edu/~brams006/selfsign.html
http://www.apache-ssl.org/httpd.conf.example
http://www.a-yu.com/net/apache07.html
http://www.aconus.com/~oyaji/www/apache_linux_ssl.htm
http://www.mail-archive.com/modssl-users@modssl.org/msg17111.html
in Fedora Core 4
#rpm -q httpd
httpd-2.0.54-10
#rpm -ql openssl
#rpm -q mod_ssl
mod_ssl-2.0.54-10
#rpm -qa |grep ssl
mod_ssl-2.0.54-10
openssl-0.9.7f-7
openssl-devel-0.9.7f-7
#yum install httpd
#find / -name openssl.cnf
/etc/pki/tls/openssl.cnf
#mkdir /var/www/html/ssl
#chmod 777 /var/www/html/ssl
#vi /etc/httpd/conf.d/ssl.conf
old #DocumentRoot "/var/www/html"
old #ServerName www.example.com:443
new DocumentRoot "/var/www/html/ssl"
new ServerName yn1.yonok.ac.th:443
#cat ssl.conf|grep key
#cd /etc/pki/tls/private
#cat localhost.key
#cd /etc/pki/tls/certs
#cat localhost.crt
#cat /etc/pki/tls/openssl.cnf
#cd /etc/pki/tls/misc
#./CA -newca
#./CA -newreq
#./CA -sign
found newcert.pem newreq.pem in /etc/pki/tls/misc
copy newreq.pem ไปไว้ใน private
copy newcert.pem เป็น localhost.crt ไปไว้ใน certs
แล้ว #openssl rsa -in newreq.pem -out localhost.key
แล้ว #openssl x509 -in newcert.pem -out localhost.crt
หรือ openssl req -x509 -nodes -newkey rsa:1024 -keyout localhost.crt -out localhost.crt
จากนั้นก็ restart httpd
#openssl version -a
#openssl help
#openssl speed
#openssl verify newcert.pem
===============
http://www.macmil.co.jp/macmil/linux017.htm
#yum -y install mod_sslกก
#ln -s /etc/pki/tls/certs/Makefile /etc/httpd/conf/
#cd /etc/httpd/conf
#make server.key
#/usr/bin/openssl rsa -in server.key -out server.key
#make server.csr
#/usr/bin/openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365
#chmod 400 server.*
#vi /etc/httpd/conf.d/ssl.conf
old #DocumentRoot "/var/www/html"
new DocumentRoot "/var/www/html/ssl"
old #ServerName www.example.com:443
new ServerName yn1.yonok.ac.th:443
old SSLCertificateFile /etc/pki/tls/certs/localhost.crt
new SSLCertificateFile /etc/httpd/conf/server.crt
old SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
new SSLCertificateKeyFile /etc/httpd/conf/server.key
#vi /etc/sysconfig/selinux
old SELINUX=enforcing
new SELINUX=disabled
#/etc/init.d/httpd restart
=========
httpd.conf
NameVirtualHost 202.29.78.1:*
<VirtualHost 202.29.78.1>
DocumentRoot /var/www/html/isinthai
ServerName www.isinthai.com
</VirtualHost>
<VirtualHost 202.29.78.1:443>
DocumentRoot /var/www/html/ssl
ServerName www.isinthia.com:443
SSLEngine on
SSLCertificateFile /etc/httpd/conf/server.crt
SSLCertificateKeyFile /etc/httpd/conf/server.key
</VirtualHost>
NameVirtualHost 202.29.78.12
<VirtualHost 202.29.78.12>
DocumentRoot /var/www/html
ServerName yn1.yook.ac.th
</VirtualHost>
<VirtualHost 202.29.78.12>
DocumentRoot /var/www/html/japan
ServerName japan.yonok.ac.th
AddDefaultCharset ISO-2022-JP
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
</VirtualHost>
<VirtualHost 202.29.78.12>
DocumentRoot /var/www/html/yie
ServerName yie.yonok.ac.th
AddDefaultCharset ISO-2022-CN
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
</VirtualHost>
<VirtualHost 202.29.78.12>
DocumentRoot /var/www/html/science
ServerName science.yonok.ac.th
</VirtualHost>
<VirtualHost 202.29.78.12>
DocumentRoot /var/www/html/niti
ServerName niti.yonok.ac.th
</VirtualHost>
|