[转贴]http://pank.org/blog/archives/000712.html
Apache2 + SSL + PHP5
据说 Apache 2.0 的效能较好, 一些常用的 Module, 已经内含, 很方便.
准备档案
wget
http://ftp.cis.nctu.edu.tw/data/UNIX/...pd-2.0.54.tar.gzwget
http://tw.php.net/get/php-5.0.5.t...php.net/mirror安装
tar zxf httpd-2.0.54.tar.gz
tar jxf php-5.0.5.tar.bz2
cd httpd-2.0.54 (Apache2)
./configure --prefix=/usr/local/apache --sysconfdir=/usr/local/apache/conf \
--enable-module=so \
--enable-ssl --enable-rewrite --enable-proxy
make
make install
cd ../php-5.0.5 (PHP5)
./configure --with-mysql --with-apxs2=/usr/local/apache/bin/apxs \
--enable-module=so --with-config-file-path=/usr/local/etc \
--libexecdir=/usr/local/apache/libexec --with-iconv \
--with-gd --with-zlib --with-jpeg-dir
make
cp .libs/libphp5.so /usr/local/apache/modules (把 PHP5 modules copy 到 Apache modules 目录下)
SSL
参考 How can I create and use my own Certificate Authority (CA)?
cd /usr/local/apache/conf
openssl genrsa -out server.key
(若要 Apache 启动时不需密码, 就不要加 -des3, 若有加 -des3 后, 最后要调整为不要密码, 可参考 How to remove a pass phrase?)
openssl req -new -key server.key -out server.csr
openssl genrsa -out ca.key
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
./sign.sh server.csr (sign.sh 在 modssl tar ball 内 pkg.contrib 目录可以找到)
chmod 400 server.*
mv server.crt ssl.crt
mv server.key ssl.key
若觉得上述步骤太麻烦, 也可以这样来产生自签 Key
openssl req -new -x509 -nodes -out ssl.crt/server.crt -keyout ssl.key/server.key -days 3650
设定 httpd.conf
LoadModule php5_module modules/libphp5.so
DirectoryIndex index.html index.htm index.php (在 DirectoryIndex 该行后加上 index.php)
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
启动 /usr/local/apache/bin/apachectl startssl
看一些大形网站好似已都用apache2.0了