{"id":197,"date":"2026-04-05T23:11:45","date_gmt":"2026-04-05T14:11:45","guid":{"rendered":"https:\/\/falcon21.space\/kazuya\/work\/?page_id=197"},"modified":"2026-04-05T23:11:45","modified_gmt":"2026-04-05T14:11:45","slug":"ssl-cerbot-%e8%a8%ad%e5%ae%9a","status":"publish","type":"page","link":"https:\/\/falcon21.space\/kazuya\/work\/?page_id=197","title":{"rendered":"SSL cerbot \u8a2d\u5b9a"},"content":{"rendered":"\n

mod_ssl\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/strong>
[root@falcon21 ~]# dnf -y install mod_ssl<\/strong>
\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u6e08\u307f:
mod_ssl-1:2.4.63-1.el10_0.2.x86_64

\u5b8c\u4e86\u3057\u307e\u3057\u305f!

—————-

SSL\u3000HTTPS \u306b\u3088\u308b\u6697\u53f7\u5316\u901a\u4fe1\u8a2d\u5b9a<\/strong>
[root@falcon21 ~]# vi \/etc\/httpd\/conf.d\/ssl.conf<\/strong>

43 DocumentRoot “\/var\/www\/html”

45 ServerName www.falcon21.space:443

86 #SSLCertificateFile \/etc\/pki\/tls\/certs\/localhost.crt
87 SSLCertificateFile \/etc\/letsencrypt\/live\/falcon21.space\/cert.pem<\/strong>

95 #SSLCertificateKeyFile \/etc\/pki\/tls\/private\/localhost.key
96 SSLCertificateKeyFile \/etc\/letsencrypt\/live\/falcon21.space\/privkey.pem<\/strong>

106 SSLCertificateChainFile \/etc\/letsencrypt\/live\/falcon21.space\/chain.pem<\/strong>

—————-

httpd\u3092\u518d\u8d77\u52d5\u3057\u3066\u3001\u8a2d\u5b9a\u3092\u53cd\u6620<\/strong>
[root@falcon21 ~]# systemctl restart httpd<\/strong>

httpd\u306e\u72b6\u614b\u78ba\u8a8d<\/strong>
[root@falcon21 ~]# systemctl status httpd<\/strong>
\u25cf httpd.service – The Apache HTTP Server
\u3000\u3000\u3000\u3000Loaded: loaded (\/usr\/lib\/systemd\/system\/httpd.service; enabled<\/strong>; preset: disabled)
\u3000\u3000\u3000Drop-In: \/etc\/systemd\/system\/httpd.service.d
\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u2514\u2500php-fpm.conf
\u3000\u3000\u3000\u3000Active: active (running) since Wed 2025-11-19 11:53:07 JST; 1min 19s ago
\u3000Invocation: bdd2cd37fba741a489de5b22ec2f790d
\u3000\u3000\u3000\u3000\u3000Docs: man:httpd.service(8)
\u3000\u3000Main PID: 4132 (httpd)
\u3000\u3000\u3000\u3000Status: “Total requests: 0; Idle\/Busy workers 100\/0;Requests\/sec: 0; Bytes served\/sec: >
Tasks: 177 (limit: 47740)
\u3000Memory: 14.3M (peak: 15M)
\u3000\u3000\u3000\u3000CPU: 159ms
\u3000CGroup: \/system.slice\/httpd.service
\u3000\u3000\u3000\u3000\u3000\u3000\u251c\u25004132 \/usr\/sbin\/httpd -DFOREGROUND
\u3000\u3000\u3000\u3000\u3000\u3000\u251c\u25004134 \/usr\/sbin\/httpd -DFOREGROUND
\u3000\u3000\u3000\u3000\u3000\u3000\u251c\u25004135 \/usr\/sbin\/httpd -DFOREGROUND
\u3000\u3000\u3000\u3000\u3000\u3000\u251c\u25004136 \/usr\/sbin\/httpd -DFOREGROUND
\u3000\u3000\u3000\u3000\u3000\u3000\u2514\u25004137 \/usr\/sbin\/httpd -DFOREGROUND

11\u6708 19 11:53:07 falcon21.space systemd[1]: Starting httpd.service – The Apache HTTP Server…
11\u6708 19 11:53:07 falcon21.space (httpd)[4132]: httpd.service: Referenced but unset environment><\/strong>
11\u6708 19 11:53:07 falcon21.space httpd[4132]: Server configured, listening on: port 443, port 80
11\u6708 19 11:53:07 falcon21.space systemd[1]: Started httpd.service – The Apache HTTP Server.

—————-<\/p>\n\n\n\n

HTTPS\u3067\u306e\u8868\u793a\u8a2d\u5b9a<\/strong><\/p>\n\n\n\n

HTTP \u901a\u4fe1\u3092 HTTPS \u3078\u30ea\u30c0\u30a4\u30ec\u30af\u30c8\u3057\u3066 Always on SSL\/TLS \u3068\u3059\u308b\u5834\u5408\u306f\u3001
\u305d\u308c\u305e\u308c\u306e\u30b5\u30a4\u30c8\u8a2d\u5b9a\u306b RewriteRule \u3092\u8a18\u8ff0<\/strong>

vhost.conf\u3000\u65b0\u898f\u4f5c\u6210\u8a2d\u5b9a<\/strong>\u3000vi \/etc\/httpd\/conf.d\/vhost.conf<\/strong><\/p>\n\n\n\n

        DocumentRoot \/var\/www\/html\n        ServerName falcon21.space\n        RewriteEngine on\n        RewriteCond %{HTTPS} on\n        RewriteCond %{SERVER_PORT} !^443$\n        RewriteRule ^(.*)$ https:\/\/%{HTTP_HOST}%{REQUEST_URI} [R=301,L]\n        RewriteCond %{SERVER_NAME} =falcon21.space [OR]\n\n\n\n        DocumentRoot \/home\/anjii\/public_html\n        ServerName falcon21.space\n        RewriteEngine on\n        RewriteCond %{HTTPS} on\n        RewriteCond %{SERVER_PORT} !^443$\n        RewriteRule ^(.*)$ https:\/\/%{HTTP_HOST}%{REQUEST_URI} [R=301,L]\n        RewriteCond %{SERVER_NAME} =falcon21.space [OR]\n\n\n\n        DocumentRoot \/home\/hayato\/public_html\n        ServerName falcon21.space\n        RewriteEngine on\n        RewriteCond %{HTTPS} on\n        RewriteCond %{SERVER_PORT} !^443$\n        RewriteRule ^(.*)$ https:\/\/%{HTTP_HOST}%{REQUEST_URI} [R=301,L]\n        RewriteCond %{SERVER_NAME} =falcon21.space [OR]\n\n\n\n        DocumentRoot \/home\/kazuya\/public_html\n        ServerName falcon21.space\n        RewriteEngine on\n        RewriteCond %{HTTPS} on\n        RewriteCond %{SERVER_PORT} !^443$\n        RewriteRule ^(.*)$ https:\/\/%{HTTP_HOST}%{REQUEST_URI} [R=301,L]\n        RewriteCond %{SERVER_NAME} =falcon21.space [OR]\n\n\n\n        DocumentRoot \/home\/saki\/public_html\n        ServerName falcon21.space\n        RewriteEngine on\n        RewriteCond %{HTTPS} on\n        RewriteCond %{SERVER_PORT} !^443$\n        RewriteRule ^(.*)$ https:\/\/%{HTTP_HOST}%{REQUEST_URI} [R=301,L]\n        RewriteCond %{SERVER_NAME} =falcon21.space [OR]\n\n<\/pre>\n\n\n\n
—————-<\/p>\n\n\n\n
http\u30a2\u30af\u30bb\u30b9\u3092https\u3078\u30ea\u30c0\u30a4\u30ec\u30af\u30c8\u3059\u308b<\/strong>
[root@falcon21 ~]# vi \/etc\/httpd\/conf\/httpd.conf<\/strong><\/p>\n\n\n\n
369 RewriteEngine on<\/strong>
370 RewriteCond %{HTTPS} off<\/strong>
371 RewriteRule ^(.*)$ https:\/\/%{HTTP_HOST}%{REQUEST_URI} [R=301,L]<\/strong><\/p>\n\n\n\n
*** <\/strong>\u3000\u53c8\u306f\u3000ssl.conf\u30d5\u30a1\u30a4\u30eb\u3092\u7de8\u96c6\u3057\u3066\u3001
https:\/\/www.falcon21.space\u3092https:\/\/falcon21.space\u3078\u30ea\u30c0\u30a4\u30ec\u30af\u30c8<\/strong>
***<\/strong><\/p>\n\n\n\n
[root@falcon21 ~]# vi \/etc\/httpd\/conf.d\/ssl.conf<\/strong>
40 <VirtualHost _default_:443>
41 RewriteEngine On<\/strong>
42 RewriteCond %{HTTPS} on<\/strong>
43 RewriteCond %{HTTP_HOST} ^falcon21.space$<\/strong>
44 RewriteRule ^(.*)$ https:\/\/falcon21.space%{REQUEST_URI} [R=301,L]<\/strong>
45
46 # General setup for the virtual host, inherited from global configuration
47 DocumentRoot “\/var\/www\/html”<\/p>\n\n\n\n
66 SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1<\/p>\n\n\n\n
211 Header always set Strict-Transport-Security “max-age=15768000”<\/p>\n\n\n\n
—————-\u3000<\/p>\n\n\n\n
firewall\u8a2d\u5b9a<\/strong>
[root@falcon21 ~]# firewall-cmd –add-service=https<\/strong>
success<\/strong><\/p>\n\n\n\n
[root@falcon21 ~]# firewall-cmd –runtime-to-permanent<\/strong>
success<\/strong><\/p>\n\n\n\n
—————-
[root@falcon21 ~]# systemctl restart httpd<\/strong><\/p>\n\n\n\n
https:\/\/falcon21.space\/\u3000\u3078\u30a2\u30af\u30bb\u30b9<\/strong>
\u3000\u4fdd\u8b77\u3055\u308c\u3066\u3044\u306a\u3044\u901a\u4fe1\u3000\u3000\u53ea\u4eca\u3001\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u4e2d<\/strong>\u3000\u3000OK!!<\/strong><\/p>\n\n\n\n
https:\/\/falcon21.space\/hayato\/<\/strong>
\u3000\u4fdd\u8b77\u3055\u308c\u3066\u3044\u306a\u3044\u901a\u4fe1\u3000hayato_Dir Test Page<\/strong>\u3000\u3000OK!!<\/strong>\u3000<\/p>\n\n\n\n
https:\/\/falcon21.space\/kazuya\/<\/strong>
\u3000\u4fdd\u8b77\u3055\u308c\u3066\u3044\u306a\u3044\u901a\u4fe1\u3000test\u3000<\/strong>\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000OK!!<\/strong>\u3000<\/p>\n\n\n\n
https:\/\/falcon21.space\/anjii\/info.php\u3000<\/strong>\u3000\u3000
\u3000\u4fdd\u8b77\u3055\u308c\u3066\u3044\u306a\u3044\u901a\u4fe1\u3000PHP Version 8.3.19<\/strong>\u3000\u3000\u3000OK!!<\/strong>\u3000<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
mod_ssl\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb[root@falcon21 ~]# dnf -y install mod_ssl\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u6e08\u307f:mod_ssl-1:2.4.63-1.el10_0.2.x86_64 \u5b8c\u4e86\u3057\u307e\u3057\u305f! […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-197","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/pages\/197","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=197"}],"version-history":[{"count":1,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/pages\/197\/revisions"}],"predecessor-version":[{"id":198,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/pages\/197\/revisions\/198"}],"wp:attachment":[{"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=197"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}