如何在Lighttpd Server中配置SSL

# mkdir /etc/lighttpd/ssl/

# cd /etc/lighttpd/ssl/

# openssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.csr

Generating a 2048 bit RSA private key

....+++

...............+++

writing new private key to 'example.com.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:IN

State or Province Name (full name) []:Delhi

Locality Name (eg, city) [Default City]:Delhi

Organization Name (eg, company) [Default Company Ltd]:TecAdmin Inc.

Organizational Unit Name (eg, section) []:web

Common Name (eg, your name or your server's hostname) []:example.com

Email Address []:user@example.com

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []: [Leave Blank]

An optional company name []: [Leave Blank]

# openssl x509 -req -days 365 -inexample.com.csr-signkeyexample.com.key-outexample.com.crt

# cat example.com.key  example.com.crt > example.com.pem

$SERVER["socket"] == ":443" {

        ssl.engine = "enable"

        ssl.pemfile = "/etc/lighttpd/ssl/tecadmin.net.pem"

      # ssl.ca-file = "/etc/lighttpd/ssl/CA_issuing.crt"

        server.name = "site1.tecadmin.net"

        server.document-root = "/sites/vhosts/site1.tecadmin.net/public"

        server.errorlog = "/var/log/lighttpd/site1.tecadmin.net.error.log"

        accesslog.filename = "/var/log/lighttpd/site1.tecadmin.net.access.log"

}

# lighttpd -t -f /etc/lighttpd/lighttpd.conf

Syntax OK

# service lighttpd restart