mod_sslインストール
[root@falcon21 ~]# dnf -y install mod_ssl
インストール済み:
mod_ssl-1:2.4.63-1.el10_0.2.x86_64
完了しました!
—————-
SSL HTTPS による暗号化通信設定
[root@falcon21 ~]# vi /etc/httpd/conf.d/ssl.conf
43 DocumentRoot “/var/www/html”
45 ServerName www.falcon21.space:443
86 #SSLCertificateFile /etc/pki/tls/certs/localhost.crt
87 SSLCertificateFile /etc/letsencrypt/live/falcon21.space/cert.pem
95 #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
96 SSLCertificateKeyFile /etc/letsencrypt/live/falcon21.space/privkey.pem
106 SSLCertificateChainFile /etc/letsencrypt/live/falcon21.space/chain.pem
—————-
httpdを再起動して、設定を反映
[root@falcon21 ~]# systemctl restart httpd
httpdの状態確認
[root@falcon21 ~]# systemctl status httpd
● httpd.service – The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled)
Drop-In: /etc/systemd/system/httpd.service.d
└─php-fpm.conf
Active: active (running) since Wed 2025-11-19 11:53:07 JST; 1min 19s ago
Invocation: bdd2cd37fba741a489de5b22ec2f790d
Docs: man:httpd.service(8)
Main PID: 4132 (httpd)
Status: “Total requests: 0; Idle/Busy workers 100/0;Requests/sec: 0; Bytes served/sec: >
Tasks: 177 (limit: 47740)
Memory: 14.3M (peak: 15M)
CPU: 159ms
CGroup: /system.slice/httpd.service
├─4132 /usr/sbin/httpd -DFOREGROUND
├─4134 /usr/sbin/httpd -DFOREGROUND
├─4135 /usr/sbin/httpd -DFOREGROUND
├─4136 /usr/sbin/httpd -DFOREGROUND
└─4137 /usr/sbin/httpd -DFOREGROUND
11月 19 11:53:07 falcon21.space systemd[1]: Starting httpd.service – The Apache HTTP Server…
11月 19 11:53:07 falcon21.space (httpd)[4132]: httpd.service: Referenced but unset environment>
11月 19 11:53:07 falcon21.space httpd[4132]: Server configured, listening on: port 443, port 80
11月 19 11:53:07 falcon21.space systemd[1]: Started httpd.service – The Apache HTTP Server.
—————-
HTTPSでの表示設定
HTTP 通信を HTTPS へリダイレクトして Always on SSL/TLS とする場合は、
それぞれのサイト設定に RewriteRule を記述
vhost.conf 新規作成設定 vi /etc/httpd/conf.d/vhost.conf
DocumentRoot /var/www/html
ServerName falcon21.space
RewriteEngine on
RewriteCond %{HTTPS} on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{SERVER_NAME} =falcon21.space [OR]
DocumentRoot /home/anjii/public_html
ServerName falcon21.space
RewriteEngine on
RewriteCond %{HTTPS} on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{SERVER_NAME} =falcon21.space [OR]
DocumentRoot /home/hayato/public_html
ServerName falcon21.space
RewriteEngine on
RewriteCond %{HTTPS} on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{SERVER_NAME} =falcon21.space [OR]
DocumentRoot /home/kazuya/public_html
ServerName falcon21.space
RewriteEngine on
RewriteCond %{HTTPS} on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{SERVER_NAME} =falcon21.space [OR]
DocumentRoot /home/saki/public_html
ServerName falcon21.space
RewriteEngine on
RewriteCond %{HTTPS} on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteCond %{SERVER_NAME} =falcon21.space [OR]
—————-
httpアクセスをhttpsへリダイレクトする
[root@falcon21 ~]# vi /etc/httpd/conf/httpd.conf
369 RewriteEngine on
370 RewriteCond %{HTTPS} off
371 RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
*** 又は ssl.confファイルを編集して、
https://www.falcon21.spaceをhttps://falcon21.spaceへリダイレクト
***
[root@falcon21 ~]# vi /etc/httpd/conf.d/ssl.conf
40 <VirtualHost _default_:443>
41 RewriteEngine On
42 RewriteCond %{HTTPS} on
43 RewriteCond %{HTTP_HOST} ^falcon21.space$
44 RewriteRule ^(.*)$ https://falcon21.space%{REQUEST_URI} [R=301,L]
45
46 # General setup for the virtual host, inherited from global configuration
47 DocumentRoot “/var/www/html”
66 SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
211 Header always set Strict-Transport-Security “max-age=15768000”
—————-
firewall設定
[root@falcon21 ~]# firewall-cmd –add-service=https
success
[root@falcon21 ~]# firewall-cmd –runtime-to-permanent
success
—————-
[root@falcon21 ~]# systemctl restart httpd
https://falcon21.space/ へアクセス
保護されていない通信 只今、メンテナンス中 OK!!
https://falcon21.space/hayato/
保護されていない通信 hayato_Dir Test Page OK!!
https://falcon21.space/kazuya/
保護されていない通信 test OK!!
https://falcon21.space/anjii/info.php
保護されていない通信 PHP Version 8.3.19 OK!!