xmapp开启https
在开发微信小程序的时候我们需要开启https本地测试,以下我们说明使用xmapp如何开启https访问
1. php中开启ssl
在php的配置文件中把openssl前面的注释去掉, 大概在配置文件的900行左右
配置文件路径为: xampp\php\php.ini
- extension=openssl
2. 配置https虚拟主机
经常开发的同学应该清楚,平时我们开发经常用到vhost的配置,这个是http的虚拟主机的配置,根据域名匹配访问指定的目录。
现在我们需要使https生效,同样需要配置一个443端口可用的vhost
配置文件: xampp\apache\conf\extra\httpd-ssl.conf
在配置文件中121行左右有个<VirtualHost _default_:443>标签,该标签的结束标签一致到文件结束
我这边的做法是把从121行起的所有内容复制一份,粘贴到文件尾部,然后再修改,保留原始的样例不变
以下是我复制后的内容,有几个加注释的地方需要注意
- <VirtualHost tfgzvjit.qcloud.la:>
- # General setup for the virtual host
- # 以下几个配置比较重要,请根据自己的业务对应确定目录
- DocumentRoot "D:/working/server/"
- ServerName test.domain.com:
- ServerAdmin admin@test.domain.com
- ErrorLog "C:/xampp/apache/logs/test.domain.com.443.ogerror.log"
- TransferLog "C:/xampp/apache/logs/test.domain.com.443.access.log"
- # SSL Engine Switch:
- # Enable/Disable SSL for this virtual host.
- SSLEngine on
- # Server Certificate:
- # Point SSLCertificateFile "conf/ssl.crt/server.crt"
- # the certificate is encrypted, then you will be prompted for a
- # pass phrase. Note that a kill -HUP will prompt again. Keep
- # in mind that if you have both an RSA and a DSA certificate you
- # can configure both in parallel (to also allow the use of DSA
- # ciphers, etc.)
- # Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
- # require an ECC certificate which can also be configured in
- # parallel.
- SSLCertificateFile "conf/ssl.crt/server.crt"
- #SSLCertificateFile "conf/ssl.crt/server.crt"
- #SSLCertificateFile "conf/ssl.crt/server.crt"
- # Server Private Key:
- # If the key is not combined with the certificate, use this
- # directive to point at the key file. Keep in mind that if
- # you've both a RSA and a DSA private key you can configure
- # both in parallel (to also allow the use of DSA ciphers, etc.)
- # ECC keys, when in use, can also be configured in parallel
- SSLCertificateKeyFile "conf/ssl.key/server.key"
- #SSLCertificateKeyFile "conf/ssl.key/server.key"
- #SSLCertificateKeyFile "conf/ssl.key/server.key"
- # Server Certificate Chain:
- # Point SSLCertificateChainFile at a file containing the
- # concatenation of PEM encoded CA certificates which form the
- # certificate chain for the server certificate. Alternatively
- # the referenced file can be the same as SSLCertificateFile "conf/ssl.crt/server.crt"
- # certificate for convenience.
- #SSLCertificateChainFile "c:/Apache24/conf/server-ca.crt"
- # Certificate Authority (CA):
- # Set the CA certificate verification path where to find CA
- # certificates for client authentication or alternatively one
- # huge file containing all of them (file must be PEM encoded)
- # Note: Inside SSLCACertificatePath you need hash symlinks
- # to point to the certificate files. Use the provided
- # Makefile to update the hash symlinks after changes.
- #SSLCACertificatePath "c:/Apache24/conf/ssl.crt"
- #SSLCACertificateFile "c:/Apache24/conf/ssl.crt/ca-bundle.crt"
- # Certificate Revocation Lists (CRL):
- # Set the CA revocation path where to find CA CRLs for client
- # authentication or alternatively one huge file containing all
- # of them (file must be PEM encoded).
- # The CRL checking mode needs to be configured explicitly
- # through SSLCARevocationCheck (defaults to "none" otherwise).
- # Note: Inside SSLCARevocationPath you need hash symlinks
- # to point to the certificate files. Use the provided
- # Makefile to update the hash symlinks after changes.
- #SSLCARevocationPath "c:/Apache24/conf/ssl.crl"
- #SSLCARevocationFile "c:/Apache24/conf/ssl.crl/ca-bundle.crl"
- #SSLCARevocationCheck chain
- # Client Authentication (Type):
- # Client certificate verification type and depth. Types are
- # none, optional, require and optional_no_ca. Depth is a
- # number which specifies how deeply to verify the certificate
- # issuer chain before deciding the certificate is not valid.
- #SSLVerifyClient require
- #SSLVerifyDepth
- # TLS-SRP mutual authentication:
- # Enable TLS-SRP and set the path to the OpenSSL SRP verifier
- # file (containing login information for SRP user accounts).
- # Requires OpenSSL 1.0. or newer. See the mod_ssl FAQ for
- # detailed instructions on creating this file. Example:
- # "openssl srp -srpvfile c:/Apache24/conf/passwd.srpv -add username"
- #SSLSRPVerifierFile "c:/Apache24/conf/passwd.srpv"
- # Access Control:
- # With SSLRequire you can do per-directory access control based
- # on arbitrary complex boolean expressions containing server
- # variable checks and other lookup directives. The syntax is a
- # mixture between C and Perl. See the mod_ssl documentation
- # for more details.
- #<Location />
- #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
- # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
- # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
- # and %{TIME_WDAY} >= and %{TIME_WDAY} <= \
- # and %{TIME_HOUR} >= and %{TIME_HOUR} <= ) \
- # or %{REMOTE_ADDR} =~ m/^\.\.\.[-]+$/
- #</Location>
- # SSL Engine Options:
- # Set various options for the SSL engine.
- # o FakeBasicAuth:
- # Translate the client X. into a Basic Authorisation. This means that
- # the standard Auth/DBMAuth methods can be used for access control. The
- # user name is the `one line' version of the client's X. certificate.
- # Note that no password is obtained from the user. Every entry in the user
- # file needs this password: `xxj31ZMTZzkVA'.
- # o ExportCertData:
- # This exports two additional environment variables: SSL_CLIENT_CERT and
- # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
- # server (always existing) and the client (only existing when client
- # authentication is used). This can be used to import the certificates
- # into CGI scripts.
- # o StdEnvVars:
- # This exports the standard SSL/TLS related `SSL_*' environment variables.
- # Per default this exportation is switched off for performance reasons,
- # because the extraction step is an expensive operation and is usually
- # useless for serving static content. So one usually enables the
- # exportation for CGI and SSI requests only.
- # o StrictRequire:
- # This denies access when "SSLRequireSSL" or "SSLRequire" applied even
- # under a "Satisfy any" situation, i.e. when it applies access is denied
- # and no other module can change it.
- # o OptRenegotiate:
- # This enables optimized SSL connection renegotiation handling when SSL
- # directives are used in per-directory context.
- #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
- <FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
- </FilesMatch>
- <Directory "C:/xampp/apache/cgi-bin">
- SSLOptions +StdEnvVars
- </Directory>
- # SSL Protocol Adjustments:
- # The safe and default but still SSL/TLS standard compliant shutdown
- # approach is that mod_ssl sends the close notify alert but doesn't wait for
- # the close notify alert from client. When you need a different shutdown
- # approach you can use one of the following variables:
- # o ssl-unclean-shutdown:
- # This forces an unclean shutdown when the connection is closed, i.e. no
- # SSL close notify alert is sent or allowed to be received. This violates
- # the SSL/TLS standard but is needed for some brain-dead browsers. Use
- # this when you receive I/O errors because of the standard approach where
- # mod_ssl sends the close notify alert.
- # o ssl-accurate-shutdown:
- # This forces an accurate shutdown when the connection is closed, i.e. a
- # SSL close notify alert is send and mod_ssl waits for the close notify
- # alert of the client. This is % SSL/TLS standard compliant, but in
- # practice often causes hanging connections with brain-dead browsers. Use
- # this only for browsers where you know that their SSL implementation
- # works correctly.
- # Notice: Most problems of broken clients are also related to the HTTP
- # keep-alive facility, so you usually additionally want to disable
- # keep-alive for those clients, too. Use variable "nokeepalive" for this.
- # Similarly, one has to force some clients to use HTTP/1.0 to workaround
- # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
- # "force-response-1.0" for this.
- BrowserMatch "MSIE [2-5]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- # Per-Server Logging:
- # The home of a custom SSL log file. Use this when you want a
- # compact non-error SSL logfile on a virtual host basis.
- CustomLog "C:/xampp/apache/logs/ssl_request.log" \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
- </VirtualHost>
修改完以上内容重启apache即可
xmapp开启https的更多相关文章
- Ubuntu下配置apache开启https
一.HTTPS简述随着网络的日常,信息安全越来越重要,传统的网站都是http协议明文传输,而HTTPS协议是由SSL+HTTP协议构建的可进行加密传输.身份认证的网络协议,比http协议安全. 那ht ...
- 网站开启https后加密协议始终是TLS1.0如何配置成TLS1.2?
p { margin-bottom: 0.1in; line-height: 120% } 网站开启https后加密协议始终是TLS1.0如何配置成TLS1.2? 要在服务器上开启 TLSv1.,通常 ...
- apache和nginx开启https
1.安装mod_ssl和openssl yum -y install mod_ssl openssl 2.建立服务器密钥 mkdir /etc/httpd/conf.d/ssl.key/ cd /et ...
- 分享一个免费SSL证书申请网站,给网站开启https协议 | 张戈博客
这些天,由于公司的业务需求,接触到了ssl证书和https协议.博客前几篇文章也分享了在WEB服务器上安装SSL证书,为网站开启https协议的教程,感兴趣的童鞋可以前往查看相关文章: <Lin ...
- NatApp开启HTTPS访问方式
一.首先需要到付费隧道中选择免费开启https 二.其次需要重新启动natapp服务,如下图出现两个隧道说明OK
- 七牛云存储上传自有证书开启https访问
虽然七牛云存储也提供免费SSL证书申请,但我就喜欢用其他平台申请的,于是在腾讯云申请了免费SSL证书,正准备在七牛上传,弹出的界面却让我傻了眼,如下图所示: 腾讯免费SSL证书提供了不同服务器环境的版 ...
- WordPress整站轻松开启HTTPS
近两年来HTTPS取代HTTP已经成为大势所趋.早在2014年google Chromium安全团队提议将所有的HTTP协议网站标注为不安全.现在,Chrome浏览器已经开始执行这一标准了.从 Chr ...
- 利用GitHub搭建Hexo博客并开启HTTPS
Hexo 是一个快速.简洁且高效的博客框架.Hexo 使用 Markdown(或其他渲染引擎)解析文章,在几秒内,即可利用靓丽的主题生成静态网页. GitHub 是一个面向开源及私有软件项目的托管平台 ...
- 个人博客如何开启 https
以前写过利用 wordpress 搭建的一个博客『个人博客搭建( wordpress )』,绑定了域名,但是没开启 https,在浏览博客的时候浏览器会提示不安全.下面来谈下个人博客如何免费申请证书, ...
随机推荐
- android 屏幕适配原则
屏幕大小 1.不同的layout Android手 机屏幕大小不一,有480x320,640x360,800x480.怎样才能让App自动适应不同的屏幕呢? 其实很简单,只需要在res目录下创建不同的 ...
- Microsoft Team Foundation Server 2010 安装 序列号 注册码(转载)
安装过程: 一.安装操作系统 安装Windows 2008 R2简体中文版 二.准备安装过程中的需要的用户账户,并设置相应权限. 具体流程如下: 1.点击“开始”——“管理工具”——“计算机管理” 2 ...
- unity, break prefab instance
菜单->GameObject->Break Prefab Instance,可以打断prefab实例与prefab的连接. 一个用处是:比如想从sceneA拷贝一部分Hierarchy结构 ...
- R内存扩展 win7内存扩展
安装包 imdiskinst 文件 램디스크 사용http://www.ltr-data.se/ http://cruciancar.blog.me/150101634586 --TEMP 변수 TE ...
- mysql启动与关闭
撰于:http://wenku.baidu.com/link?url=QV3mEJWnU4c8VZPjKGxz4A8gSmdjO2HZY7n963UaVx4l_uPKrh16tGxLyqjf5i3MA ...
- sql中的SET NOCOUNT ON/OFF
当 SET NOCOUNT 为 ON 时,不返回计数(表示受Transact-SQL 语句影响的行数). 当 SET NOCOUNT 为 OFF 时,返回计数(默认为OFF). 即使当 SET NOC ...
- 广告过滤神器(ADMuncher)4.93
Ad Muncher 介绍: 浏览网页时,冷不防地被网站播放的MIDI音乐声音吓一跳,或是因为弹出的广告窗口碍事,而影响你上网络的心情.Ad Muncher支持Netscape.Inte ...
- redis-cli 常用命令
1.连接操作相关的命令 quit:关闭连接(connection) auth:简单密码认证 2.对value操作的命令 exists(key):确认一个key是否存在 del(key):删除一个key ...
- android studio 中配置androidAnnotation 的新版正确配置
apply ].processResources.manifestFile resourcePackageName 'com.peiandsky.firstandroidstudio' }}
- Missing artifact javax.transaction:jta:jar:1.0.1B解决办法
maven库中缺少了这个jar,需要把这个jar安装到本地库中去. 1.下载包含此jar的zip包,地址: http://download.csdn.net/detail/spring123tt/68 ...