{"id":512,"date":"2018-06-15T14:00:00","date_gmt":"2018-06-15T05:00:00","guid":{"rendered":"https:\/\/wp.zassoul.com\/?p=512"},"modified":"2018-06-15T14:00:00","modified_gmt":"2018-06-15T05:00:00","slug":"eve-ng%e3%81%aehttps%e5%8c%96","status":"publish","type":"post","link":"https:\/\/wp.zassoul.com\/?p=512","title":{"rendered":"EVE-NG\u306eHTTPS\u5316"},"content":{"rendered":"<p>\u516c\u5f0f\u306e\u30de\u30cb\u30e5\u30a2\u30eb\u307e\u3093\u307e\u3067\u3059\u3002<br \/>\u81ea\u5df1\u8a3c\u660e\u66f8\u306a\u306e\u3067, \u30d6\u30e9\u30a6\u30b6\u306e\u8b66\u544a\u304c\u3067\u308b\u304b\u3089\u30a2\u30f3\u30c1\u30a6\u30a3\u30eb\u30b9\u30bd\u30d5\u30c8\u4f7f\u3063\u3066\u3044\u308b\u5834\u5408\u306f\u9069\u5b9c\u9664\u5916\u8a2d\u5b9a\u3059\u308b\u3002<\/p>\n<p>\u516c\u5f0f\u30de\u30cb\u30e5\u30a2\u30eb<br \/><a href=\"http:\/\/www.eve-ng.net\/documentation\/howto-s\/81-howto-enable-ssl-on-eve\">http:\/\/www.eve-ng.net\/documentation\/howto-s\/81-howto-enable-ssl-on-eve<\/a><\/p>\n<h3>SSL\u6709\u52b9\u5316 <\/h3>\n<pre>root@eve-ng:~# a2enmod ssl<br \/>Considering dependency setenvif for ssl:<br \/>Module setenvif already enabled<br \/>Considering dependency mime for ssl:<br \/>Module mime already enabled<br \/>Considering dependency socache_shmcb for ssl:<br \/>Enabling module socache_shmcb.<br \/>Enabling module ssl.<br \/>See \/usr\/share\/doc\/apache2\/README.Debian.gz on how to configure SSL and create self-signed certificates.<br \/>To activate the new configuration, you need to run:<br \/>  service apache2 restart<br \/><\/pre>\n<h3>\u81ea\u5df1\u8a3c\u660e\u66f8\u4f5c\u6210 <\/h3>\n<pre>root@eve-ng:~#  openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout \/etc\/ssl\/private\/apache-selfsigned.key -out \/etc\/ssl\/certs\/apache-selfsigned.crt<br \/>Generating a 2048 bit RSA private key<br \/>..+++<br \/>.......................................+++<br \/>writing new private key to '\/etc\/ssl\/private\/apache-selfsigned.key'<br \/>-----<br \/>You are about to be asked to enter information that will be incorporated<br \/>into your certificate request.<br \/>What you are about to enter is what is called a Distinguished Name or a DN.<br \/>There are quite a few fields but you can leave some blank<br \/>For some fields there will be a default value,<br \/>If you enter '.', the field will be left blank.<br \/>-----<br \/>Country Name (2 letter code) [AU]:JP<br \/>State or Province Name (full name) [Some-State]:Tokyo<br \/>Locality Name (eg, city) []:<br \/>Organization Name (eg, company) [Internet Widgits Pty Ltd]:Personal<br \/>Organizational Unit Name (eg, section) []:<br \/>Common Name (e.g. server FQDN or YOUR name) []:192.168.10.20<br \/>Email Address []:<br \/><\/pre>\n<h3>Conf\u4fee\u6b63 <\/h3>\n<pre>root@eve-ng:~# cat &lt;&lt; EOF &gt; \/etc\/apache2\/sites-enabled\/default-ssl.conf<br \/>&lt;IfModule mod_ssl.c&gt;<br \/>    &lt;VirtualHost _default_:443&gt;<br \/>        ServerAdmin webmaster@localhost<br \/>        DocumentRoot \/opt\/unetlab\/html\/<br \/>        ErrorLog \/opt\/unetlab\/data\/Logs\/ssl-error.log<br \/>        CustomLog \/opt\/unetlab\/data\/Logs\/ssl-access.log combined<br \/>        Alias \/Exports \/opt\/unetlab\/data\/Exports<br \/>        Alias \/Logs \/opt\/unetlab\/data\/Logs<br \/>        SSLEngine on<br \/>        SSLCertificateFile    \/etc\/ssl\/certs\/apache-selfsigned.crt<br \/>        SSLCertificateKeyFile \/etc\/ssl\/private\/apache-selfsigned.key<br \/>        &lt;FilesMatch \".(cgi|shtml|phtml|php)$\"&gt;<br \/>                SSLOptions +StdEnvVars<br \/>        &lt;\/FilesMatch&gt;<br \/>        &lt;Directory \/usr\/lib\/cgi-bin&gt;<br \/>                SSLOptions +StdEnvVars<br \/>        &lt;\/Directory&gt;<br \/>        &lt;Location \/html5\/&gt;<br \/>                Order allow,deny<br \/>                Allow from all<br \/>                ProxyPass http:\/\/127.0.0.1:8080\/guacamole\/ flushpackets=on<br \/>                ProxyPassReverse http:\/\/127.0.0.1:8080\/guacamole\/<br \/>        &lt;\/Location&gt;<br \/><br \/>        &lt;Location \/html5\/websocket-tunnel&gt;<br \/>                Order allow,deny<br \/>                Allow from all<br \/>                ProxyPass ws:\/\/127.0.0.1:8080\/guacamole\/websocket-tunnel<br \/>                ProxyPassReverse ws:\/\/127.0.0.1:8080\/guacamole\/websocket-tunnel<br \/>        &lt;\/Location&gt;<br \/>    &lt;\/VirtualHost&gt;<br \/>&lt;\/IfModule&gt;<br \/>EOF<br \/><\/pre>\n<h3>Apache\u30ea\u30b9\u30bf\u30fc\u30c8 <\/h3>\n<pre>root@eve-ng:~# \/etc\/init.d\/apache2 restart<br \/>[ ok ] Restarting apache2 (via systemctl): apache2.service.<br \/><\/pre>\n<p>\u4ee5\u4e0a\u3002\u7c21\u5358\u306a\u306e\u3067\u3084\u3063\u3066\u304a\u304f\u3079\u3057\u3002  <\/p>\n<table align=\"center\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-left: auto; margin-right: auto; text-align: center;\">\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><a href=\"https:\/\/4.bp.blogspot.com\/-Aktzxevrvp8\/WyNH9fbbo8I\/AAAAAAAAAUM\/xJ-U3XHdgZwld8Fn2nJATOcASPFEP80wQCLcBGAs\/s1600\/eve.JPG\" style=\"margin-left: auto; margin-right: auto;\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" data-original-height=\"28\" data-original-width=\"358\" height=\"25\" src=\"https:\/\/4.bp.blogspot.com\/-Aktzxevrvp8\/WyNH9fbbo8I\/AAAAAAAAAUM\/xJ-U3XHdgZwld8Fn2nJATOcASPFEP80wQCLcBGAs\/s320\/eve.JPG\" width=\"320\" \/><\/a><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">HTTPS\u306b\u306a\u3063\u3066\u3044\u308b<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u516c\u5f0f\u306e\u30de\u30cb\u30e5\u30a2\u30eb\u307e\u3093\u307e\u3067\u3059\u3002\u81ea\u5df1\u8a3c\u660e\u66f8\u306a\u306e\u3067, \u30d6\u30e9\u30a6\u30b6\u306e\u8b66\u544a\u304c\u3067\u308b\u304b\u3089\u30a2\u30f3\u30c1\u30a6\u30a3\u30eb\u30b9\u30bd\u30d5\u30c8\u4f7f\u3063\u3066\u3044\u308b\u5834\u5408\u306f\u9069\u5b9c\u9664\u5916\u8a2d\u5b9a\u3059\u308b\u3002 \u516c\u5f0f\u30de\u30cb\u30e5\u30a2\u30ebhttp:\/\/www.eve-ng.net\/documentation\/how\u2026 <span class=\"read-more\"><a href=\"https:\/\/wp.zassoul.com\/?p=512\">\u7d9a\u304d\u3092\u8aad\u3080 &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24,6,15,8],"tags":[],"class_list":["post-512","post","type-post","status-publish","format-standard","hentry","category-eve-ng","category-it","category-network","category-8"],"_links":{"self":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts\/512","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=512"}],"version-history":[{"count":0,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts\/512\/revisions"}],"wp:attachment":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=512"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=512"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=512"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}