linux 메모: 11월 2011

2011년 11월 29일 화요일

[Linux] SSL 설정

정식 SSL은 돈주고 사야한다.

[root@localhost kim]# yum install mod_ssl

Loaded plugins: presto, refresh-packagekit
fedora/metalink | 2.7 kB 00:00
updates/metalink | 2.6 kB 00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package mod_ssl.i686 1:2.2.15-1.fc12.2 set to be updated
--> Processing Dependency: openssl >= 1.0.0-1 for package: 1:mod_ssl-2.2.15-1.fc12.2.i686
--> Processing Dependency: libnal.so.1 for package: 1:mod_ssl-2.2.15-1.fc12.2.i686
--> Processing Dependency: libdistcache.so.1 for package: 1:mod_ssl-2.2.15-1.fc12.2.i686
--> Running transaction check
---> Package distcache.i686 0:1.4.5-21 set to be updated
---> Package openssl.i686 0:1.0.0b-1.fc12.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
mod_ssl i686 1:2.2.15-1.fc12.2 updates 84 k
Installing for dependencies:
distcache i686 1.4.5-21 fedora 108 k
Updating for dependencies:
openssl i686 1.0.0b-1.fc12.1 updates 1.4 M

Transaction Summary
================================================================================
Install 2 Package(s)
Upgrade 1 Package(s)

Total download size: 1.6 M
Is this ok [y/N]: y
Downloading Packages:
Setting up and reading Presto delta metadata
Processing delta metadata
Download delta size: 640 k
openssl-1.0.0-0.10.beta3.fc12_1.0.0b-1.fc12.1.i686.drpm | 640 kB 00:04
Finishing rebuild of rpms, from deltarpms
<delta rebuild> | 1.4 MB 00:03
Presto reduced the update size by 55% (from 1.4 M to 640 k).
Package(s) data still to download: 193 k
(1/2): distcache-1.4.5-21.i686.rpm | 108 kB 00:00
(2/2): mod_ssl-2.2.15-1.fc12.2.i686.rpm | 84 kB 00:02
--------------------------------------------------------------------------------
Total 48 kB/s | 193 kB 00:03
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB has been altered since the last yum transaction.
Updating : openssl-1.0.0b-1.fc12.1.i686 1/4
Installing : distcache-1.4.5-21.i686 2/4
Installing : 1:mod_ssl-2.2.15-1.fc12.2.i686 3/4
Cleanup : openssl-1.0.0-0.10.beta3.fc12.i686 4/4

Installed:
mod_ssl.i686 1:2.2.15-1.fc12.2

Dependency Installed:
distcache.i686 0:1.4.5-21

Dependency Updated:
openssl.i686 0:1.0.0b-1.fc12.1

Complete!

예전 증명서백업
[root@localhost kim]# cd /etc/pki/tls/certs
[root@localhost certs]# mv localhost.crt localhost.crt.bak

테스트 증명서 만들기
[root@localhost certs]# make testcert

umask 77 ; \
/usr/bin/openssl req -utf8 -new -key /etc/pki/tls/private/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt -set_serial 0
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:JP
State or Province Name (full name) []:OSAKA
Locality Name (eg, city) [Default City]:JYOUTOU-KU
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:www.aaa.co.jp
Email Address []:aaa@naver.com

방화벽설정
[root@localhost certs]# iptables -I INPUT -p tcp -m tcp --dport https -j ACCEPT
[root@localhost certs]# /etc/rc.d/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]

[root@localhost certs]# /etc/rc.d/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
[ OK ]
[root@localhost certs]#

2011년 11월 8일 화요일

[linux] TOMCAT 설치 / 톰캣 설치

JAVA설치
http://www.oracle.com/technetwork/java/javase/downloads/index.html
http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-javase6-419409.html

jdk-6u33-linux-i586.bin을 다운로드 했다
#>chmod 77 jdk-6u33-linux-i586.bin
#> ./jdk-6u33-linux-i586.bin
#>mv jdk1.6.0_33 /usr/local/jdk1.6.0_33

#> vi /etc/profile 을 열어서 아래 추가
export JAVA_HOME=/usr/local/jdk1.6.0_33
export PATH=$JAVA_HOME/bin:$PATH

톰캣 다운로드
http://tomcat.apache.org/

apache-tomcat-6.0.33.tar.gz 다운로드

압축풀고
tar -xvf apache-tomcat-6.0.33.tar.gz

톰캣 실행
/usr/local/apache-tomcat-6.0.33/bin/에가서./startup.sh 실행

방화벽설정 변경
#> vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT

동작 확인
http://서버IP:8080

톰캣 자동 실행 설정
#>vi /etc/rc.d/init.d/tomcat 파일 생성해서 아래대로 쓴다

#!/bin/sh

# Source function library.

. /etc/rc.d/init.d/functions

source /etc/profile

export TOMCAT_HOME=/usr/local/apache-tomcat-6.0.33

# See how we were called.

case "$1" in

start)

echo -n "Starting tomcat EXPERIMENTAL: "

daemon $TOMCAT_HOME/bin/startup.sh

echo

;;

stop)

echo -n "Shutting down tomcat EXPERIMENTAL: "

daemon $TOMCAT_HOME/bin/shutdown.sh

echo

;;

restart)

$0 stop

$0 start

;;

echo "Usage: $0 {start|stop|restart}"

exit 1

esac

exit 0

링크 걸기

# cd /etc/rc.d
# ln -s ../init.d/tomcat ./rc3.d/S90tomcat
# ln -s ../init.d/tomcat ./rc5.d/S90tomcat
# ln -s ../init.d/tomcat ./rc6.d/K90tomcat

Mysql설치 보기
톰캣 포트 변경 보기

[linux] 아파치 설치

yum 을 이용해서 아파치 설치
#> yum install httpd httpd-manual

설치후 IP테이블변경
#>iptables -I INPUT -p tcp -m tcp --dport http -j ACCEPT
#>#/etc/rc.d/init.d/iptables save

아파치 기동
#>service httpd start

자동기동 설정
#>chkconfig httpd on

확인
브라우져에서
http://localhost/
아파치가 보이면 굿잡