百度智能云
All Product Document

          Cloud Compute Service

          • Cloud Compute Service
          • >
          • Website Building Tutorial
          • >
          • Deploy the SSL Credential in the BCC-Apache

          Deploy the SSL Credential in the BCC-Apache

          Last Updated2020-10-21

          Configure the SSL certificate for the Web service in the Apache environment based on the Centos-7.2 Deployment LAMP Environement Tutorial. The domain name needs to be prepared in advance. The following steps are the entire process to configure and deploy the certificate.

          1. Download and Decompress a Certificate

          Enter "Baidu AI Cloud Console" -- "Security and Management" -- "SSL Certificate Service" -- "Purchased Certificate List", and then click "View Information" based on the certificate information applied for the domain name bound with this BCC.

          Click "Download Certificate", and select the PEM_Apache format, and then set the 4-digit decompression password.

          After the successful download locally, double click "Open", and then you can see the cer, crt and key files. Select "Decompress to", and set the path, and then enter the 4-digit password you just set on the console.

          2. Upload Certificate Files to BCC

          Upload the cer, crt and key files decompressed in the previous step to the BCC's Apche configuration directory /etc/httpd/conf through FTP or other tools.

          BCC_SSL_Apache_04.png

          3. Install mod_ssl and Configure the Certificate

          For Apache is directly installed from yum, you fail to directly compile and add the SSL module during the installation, so you need to install it again.

          yum install mod_ssl openssl

          After the successful installation of Apache, there is an additional file ssl.conf under the directory /etc/httpd/conf.d.

          vim /etc/httpd/conf.d/ssl.conf

          Search ServerName, uncomment this line, and change the domain name to the certificate domain name.

          Fill in the location path of three certificate files correctly.

          BCC_SSL_Apache_05.png

          After you restart httpd, you can access this site through the domain name https: //.

          4. HTTP to HTTPS Forcibly

          For Apache is installed from yum, there are not the ssl.so and httpd-ssl.conf module paths in the Apache configuration file. You can add the rewrite rules manually.

          vim vim /etc/httpd/conf/httpd.conf

          In<Directory>

          ......
</Directory>

          Add:

          RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)?$ https://%{SERVER_NAME}/$1 [L,R]

          BCC_SSL_Apache_06.png

          After you restart Apache, HTTP forcibly jumps to HTTPS when you access the site.

          Previous
          Deploy the SSL Credential in the BCC-Nginx
          Next
          BCC Deployment SSL Certificate-IIS