如何从httpd.conf apache导出ssl密钥,crt和CA,将其用于所有用户的nginx [英] how to export ssl key , crt and CA from httpd.conf apache to use it into nginx for all users
问题描述
使用自定义安装程序,使用nginx作为cPanel的web引擎
需要命令来导出ssl文件以将其用于nginx
cpanel现在使用AutoSSL comodo免费赠送,当任何用户域名ssl过期时自动更新
示例httpd.conf
< VirtualHost 4xx30:4433>
ServerName xnxxsch.com
< IfModule ssl_module>
SSLCertificateFile / var / cpanel / ssl / installed / certs / xnh_com_d98c5_67ca3_150707 $
SSLCertificateKeyFile / var / cpanel / ssl / installed / keys / d98c5_67ca3_76c14a301e0260891bbe91504 $
SSLCACertificateFile / var / cpanel / ssl / installed / cabundles / cPanel_Inc__681917bfb43af6b642178 $
< / IfModule>
< / VirtualHost>
< VirtualHost 46.xx30:4433>
ServerName xxxh.com
< IfModule ssl_module>
SSLCertificateFile / var / cpanel / ssl / installed / certs / xnah_com_d98c5_67ca3_150707 $
SSLCertificateKeyFile / var / cpanel / ssl / installed / keys / d98c5_67ca3_76c14a301e0260891bbe91504 $
SSLCACertificateFile / var / cpanel / ssl / installed / cabundles / cPanel_Inc__681917bfb43af6b642178 $
< / IfModule>
< / VirtualHost>
需要导出每个域(ServerName)
作为两个文件
SSLCertificateKeyFile 作为 ServerName.key
'p>和
了SSLCertificateFile + SSLCACertificateFile的作为为servername.crt
从SSH
与
$ b $ pre $ grep'ServerName'/ etc / apache2 / conf /httpd.conf
导出所有需要循环使用的元素
'p>获得了SSLCertificateKeyFile下它
和与名称为servername.crt复制到/ etc / nginx的/ SSL /
<$ p $
p> #!/ bin / bash
#查找ServerName并提取值。循环结果。
for $(grep ServerName httpd.conf | sed's /.* ServerName \s * //');做
echo $ server
#拉出该服务器的XML块
lock = $(grep -A5$ serverhttpd.conf)
#提取XML块$ b $文件名b了SSLCertificateFile = $(回声 $块 | sed的-n的/.* SSLCertificateFile\s * // p')
了SSLCertificateKeyFile = $(回声$块 | SED -n的/.* SSLCertificateKeyFile\s * // p')
SSLCACertificateFile = $(回声 $块 | SED -n的/.* SSLCACertificateFile\s * // p')
#创建文件
CP $了SSLCertificateKeyFile $ {}服务器.KEY
猫 $了SSLCertificateFile $ SSLCACertificateFile > $ {server} .crt
完成
#循环结束
use custom setup that use nginx as web engine with cpanel need command to export ssl files to use it into nginx
cpanel now use AutoSSL powered by Comodo that give it free and will renew it automatic when any users domains ssl expire
example httpd.conf
<VirtualHost 4xx30:4433>
ServerName xnxxsch.com
<IfModule ssl_module>
SSLCertificateFile /var/cpanel/ssl/installed/certs/xnh_com_d98c5_67ca3_150707$
SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/d98c5_67ca3_76c14a301e0260891bbe91504$
SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/cPanel_Inc__681917bfb43af6b642178$
</IfModule>
</VirtualHost>
<VirtualHost 46.xx30:4433>
ServerName xxxh.com
<IfModule ssl_module>
SSLCertificateFile /var/cpanel/ssl/installed/certs/xnah_com_d98c5_67ca3_150707$
SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/d98c5_67ca3_76c14a301e0260891bbe91504$
SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/cPanel_Inc__681917bfb43af6b642178$
</IfModule>
</VirtualHost>
need to export every domains (ServerName)
as two files
SSLCertificateKeyFile as ServerName.key
and
SSLCertificateFile+ SSLCACertificateFile as ServerName.crt
from ssh
with
grep 'ServerName' /etc/apache2/conf/httpd.conf
i export all need to use at loop
to get SSLCertificateKeyFile under it
and copy it with name servername.crt to /etc/nginx/ssl/
I'm sure some efficiency nuts will choke on this, but it should work:
#!/bin/bash
# Look for ServerName, and extract the value. Loop over results.
for server in $( grep ServerName httpd.conf | sed 's/.*ServerName\s*//' ); do
echo $server
# Pull out the block of XML for that server
block=$( grep -A5 "$server" httpd.conf)
# Extract file names from the XML block
SSLCertificateFile=$( echo "$block" | sed -n 's/.*SSLCertificateFile\s*//p')
SSLCertificateKeyFile=$( echo "$block" | sed -n 's/.*SSLCertificateKeyFile\s*//p')
SSLCACertificateFile=$( echo "$block" | sed -n 's/.*SSLCACertificateFile\s*//p')
# Create files
cp "$SSLCertificateKeyFile" "${server}.key"
cat "$SSLCertificateFile" "$SSLCACertificateFile" > "${server}.crt"
done
# end of loop
这篇关于如何从httpd.conf apache导出ssl密钥,crt和CA,将其用于所有用户的nginx的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
