{"id":1603,"date":"2019-01-04T23:47:19","date_gmt":"2019-01-04T14:47:19","guid":{"rendered":"https:\/\/test.ji0vwl.net\/?p=1603"},"modified":"2019-01-19T10:18:35","modified_gmt":"2019-01-19T01:18:35","slug":"centos7%e3%81%abapache2-4-37openssl1-1-1aphp7-3-0%e3%82%92%e3%82%bd%e3%83%bc%e3%82%b9%e3%81%8b%e3%82%89%e3%82%a4%e3%83%b3%e3%82%b9%e3%83%88%e3%83%bc%e3%83%ab","status":"publish","type":"post","link":"https:\/\/ji0vwl.net\/index.php\/2019\/01\/04\/1603\/","title":{"rendered":"Apache2.4.37 + OpenSSL1.1.1a\u3092\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb"},"content":{"rendered":"<h1 style=\"text-align: left;\">CentOS7\u306bApache2.4.37+OpenSSL1.1.1a+PHP7.3.0\u3092\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h1>\n<p>\u305d\u306e\u3046\u3061<a href=\"https:\/\/www.openssl.org\/blog\/blog\/2018\/09\/11\/release111\/\">OpenSSL 1.1.1<\/a>\u3092\u5165\u308c\u3066<a href=\"https:\/\/forest.watch.impress.co.jp\/docs\/news\/1138657.html\">TLS 1.3<\/a>\u306b\u5bfe\u5fdc\u3057\u305f\u3044\u306a\u3041\u3068\u601d\u3044\u306a\u304c\u3089\u3082\u3001OpenSSL\u306f\u3044\u308d\u3044\u308d\u306a\u74b0\u5883\u3068\u306e\u7d50\u3073\u3064\u304d\u304c\u5f37\u3059\u304e\u3066\u96e3\u6613\u5ea6\u304c\u9ad8\u304f\u8ae6\u3081\u3066\u3044\u305f\u306e\u3067\u3059\u304c\u3001\u305b\u3063\u304b\u304f\u306a\u306e\u3067AWS\u3092\u4f7f\u3063\u3066\u3044\u308b\u30e1\u30ea\u30c3\u30c8\u3092\u751f\u304b\u3057\u3001\u672c\u756a\u74b0\u5883\u306e\u30b9\u30ca\u30c3\u30d7\u30b7\u30e7\u30c3\u30c8\u304b\u3089\u30af\u30ed\u30fc\u30f3\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3092\u4f5c\u308a\u3001\u958b\u767a\u74b0\u5883\u3068\u3057\u3066\u3044\u3058\u308a\u5012\u3057\u3066\u307f\u307e\u3057\u305f\u3002\u4eca\u56de\u306fSTEP3\u306b\u6311\u6226\u3067\u3059\u3002<\/p>\n<h6>STEP1. OS\u6a19\u6e96\u30ea\u30dd\u30b8\u30c8\u30ea\u304b\u3089yum\u3067\u74b0\u5883\u3092\u4f5c\u308b<\/h6>\n<h6>STEP2. IUS\u3084Remi\u7b49\u306e\u62e1\u5f35\u30ea\u30dd\u30b8\u30c8\u30ea\u304b\u3089yum\u3067\u74b0\u5883\u3092\u4f5c\u308b<\/h6>\n<h6>STEP3. \u30bd\u30fc\u30b9\u304b\u3089\u30d3\u30eb\u30c9\u3057\u3066\u74b0\u5883\u3092\u4f5c\u308b<\/h6>\n<p>&nbsp;<\/p>\n<p>\u6700\u60aa\u3044\u3064\u3067\u3082\u623b\u305b\u308b\u3088\u3046\u306b\u3001\u3082\u3068\u3082\u3068\u52d5\u304b\u3057\u3066\u3044\u308bSTEP2\u306eWeb\u30b5\u30fc\u30d0\u74b0\u5883\u306f\u300chttpd\u300d\u3068\u3057\u3066\u6b8b\u3057\u3064\u3064\u3064\uff08\u3053\u308c\u304c\u5927\u4e8b\uff09\u3001STEP3\u306e\u74b0\u5883\u3068\u3057\u3066\u65b0\u305f\u306b\u8ffd\u52a0\u3067\/usr\/local\u914d\u4e0b\u306b\u300chttpd2\u300d\u3092\u4f5c\u3063\u3066\u307f\u308b\u3053\u3068\u306b\u3057\u307e\u3059\u3002<\/p>\n<h4>1. OpenSSL 1.1.1a \u3092 \/usr\/local\/ssl \u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n<pre>$ sudo -i\r\n# yum -y groupinstall base\r\n# yum -y groupinstall development\r\n# yum -y update\r\n# yum -y install zlib-devel\r\n# yum -y install perl-core\r\n# cd \/usr\/local\/src\/\r\n# wget https:\/\/www.openssl.org\/source\/openssl-1.1.1a.tar.gz\r\n# tar xvfz openssl-1.1.1a.tar.gz\r\n# cd openssl-1.1.1a\r\n# .\/config --prefix=\/usr\/local\/ssl --openssldir=\/usr\/local\/ssl shared zlib\r\n# make depend\r\n# make\r\n# make test\r\n# make install\r\n# ln -s \/usr\/local\/ssl\/lib\/libcrypto.so.1.1 \/lib64\/libcrypto.so.1.1\r\n# ln -s \/usr\/local\/ssl\/lib\/libssl.so.1.1 \/lib64\/libssl.so.1.1\r\n# \/usr\/local\/ssl\/bin\/openssl version\r\n# echo \/usr\/local\/ssl\/lib &gt; \/etc\/ld.so.conf.d\/openssl111a.conf\r\n# ldconfig\r\n# \/usr\/local\/ssl\/bin\/openssl ciphers -v TLSv1.3<\/pre>\n<h4>2. Apache 2.4.37 \u3092 \/usr\/local\/httpd2 \u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n<p>apr\u3068apr-util\u3082\u30bd\u30fc\u30b9\u304b\u3089\u5165\u308c\u3089\u308c\u307e\u3059\u304c\u3001\u4eca\u56de\u306fyum\u3067\u5165\u308c\u3061\u3083\u3044\u307e\u3059\u3002\u3064\u3044\u3067\u306bnghttp2\u3082\u5165\u308c\u3066HTTP\/2\u306b\u3082\u5bfe\u5fdc\u3057\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n<pre># yum -y install libnghttp2-devel\r\n# yum -y install apr-devel apr-util-devel<\/pre>\n<p>&#8211;with-ssl=[dir]\u3092\u6307\u5b9a\u3059\u308b\u3053\u3068\u3067\u3001Apache\u3068OpenSSL\u3092\u7d50\u3073\u3064\u3051\u307e\u3059\u3002<\/p>\n<pre># cd \/usr\/local\/src\/\r\n# wget http:\/\/ftp.jaist.ac.jp\/pub\/apache\/\/httpd\/httpd-2.4.37.tar.gz\r\n# tar xvzf httpd-2.4.37.tar.gz\r\n# cd httpd-2.4.37\/\r\n# .\/configure \\\r\n   --prefix=\/usr\/local\/httpd2 \\\r\n   --enable-http2 \\\r\n   --enable-ssl \\\r\n   --with-ssl=\/usr\/local\/ssl \\\r\n   --enable-so \\\r\n   --enable-mods-shared=reallyall \\\r\n   --enable-mpms-shared=all \r\n# make\r\n# make install<\/pre>\n<p>\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u305f\u3089Apache\u306e\u8a2d\u5b9a\u3002httpd.conf\u306e\u8a72\u5f53\u7b87\u6240\u3092\u6709\u52b9\u5316\u3001\u8ffd\u8a18\u30fb\u4fee\u6b63\u3057\u307e\u3059\u3002<\/p>\n<pre># cd \/usr\/local\/httpd2\/conf\r\n# vi httpd.conf\r\n-----------------------------------------\r\n# for HTTP\/2 MPM worker\uff08\u306a\u305c\u304bevent\u304c\u7121\u3044\u30fb\u30fb\u30fb\uff09\r\n#LoadModule mpm_prefork_module modules\/mod_mpm_prefork.so\r\nLoadModule mpm_worker_module modules\/mod_mpm_worker.so\r\n# for HTTPS\r\nLoadModule ssl_module modules\/mod_ssl.so\r\nLoadModule socache_shmcb_module modules\/mod_socache_shmcb.so\r\n# for HTTP\/2\r\nLoadModule http2_module modules\/mod_http2.so\r\n# for VirtualHost\r\nLoadModule vhost_alias_module modules\/mod_vhost_alias.so\r\n# for Rewrite\r\nLoadModule rewrite_module modules\/mod_rewrite.so\r\n# for php-fpm\r\nLoadModule proxy_fcgi_module modules\/mod_proxy_fcgi.so\r\nLoadModule proxy_module modules\/mod_proxy.so\r\n.\r\n.\r\nUser apache\r\nGroup apache\r\n.\r\n.\r\n&lt;IfModule dir_module&gt;\r\n    # index.php\u8ffd\u52a0\uff08WordPress\u306b\u5fc5\u8981\uff09\r\n    #DirectoryIndex index.html\r\n    DirectoryIndex index.html index.php\r\n&lt;\/IfModule&gt;\r\n.\r\n.\r\n# php\u8ffd\u52a0\r\nAddType application\/x-httpd-php .php\r\nAddType application\/x-httpd-php-source .phps\r\n.\r\n.\r\nInclude conf\/extra\/httpd-mpm.conf\r\n.\r\n.\r\n# Virtual hosts\uff08http\u7528\u3001https\u7528\u306f\u5206\u3051\u3066\u8a2d\u5b9a\u3057\u307e\u3059\uff09\r\n#Include conf\/extra\/httpd-vhosts.conf\r\nInclude conf\/extra\/httpd-vhosts-http.conf\r\nInclude conf\/extra\/httpd-vhosts-https.conf\r\n.\r\n.\r\nInclude conf\/extra\/httpd-ssl.conf\r\n-----------------------------------------\r\n:wq<\/pre>\n<p>HTTPS\u306e\u8a2d\u5b9a\u3002httpd-ssl.conf\u3092\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u8ffd\u8a18\u30fb\u4fee\u6b63\u3057\u307e\u3059\u3002\u305b\u3063\u304b\u304f\u306a\u306e\u3067\u3088\u308a\u5b89\u5168\u306aTLS 1.2\u3001TLS 1.3\u3060\u3051\u306b\u5bfe\u5fdc\u3057\u307e\u3059\u3002<\/p>\n<pre># cd extra\r\n# vi httpd-ssl.conf\r\n-----------------------------------------\r\n.\r\n.\r\n# \u5e38\u6642SSL\r\nHeader set Strict-Transport-Security \"max-age=31536000; includeSubDomains; preload\"\r\nHeader edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure\r\nHeader always set X-Frame-Options SAMEORIGIN\r\nHeader always set X-Content-Type-Options nosniff\r\n.\r\n.\r\n# \u660e\u793a\u7684\u306bSSL\u5727\u7e2e\u3092OFF\r\nSSLCompression off\r\n.\r\n.\r\nSSLCipherSuite \"TLS_AES_256_GCM_SHA384 \\\r\nTLS_CHACHA20_POLY1305_SHA256 \\\r\nECDHE-RSA-AES128-GCM-SHA256 \\\r\nECDHE-RSA-AES256-GCM-SHA384 \\\r\nECDHE-RSA-AES256-SHA \\\r\nECDHE-RSA-AES256-SHA384 \\\r\nDHE-RSA-AES256-GCM-SHA384 \\\r\nDHE-RSA-AES256-SHA \\\r\nDHE-RSA-AES256-SHA256\"\r\n\r\nSSLProxyCipherSuite \"TLS_AES_256_GCM_SHA384 \\\r\nTLS_CHACHA20_POLY1305_SHA256 \\\r\nECDHE-RSA-AES128-GCM-SHA256 \\\r\nECDHE-RSA-AES256-GCM-SHA384 \\\r\nECDHE-RSA-AES256-SHA \\\r\nECDHE-RSA-AES256-SHA384 \\\r\nDHE-RSA-AES256-GCM-SHA384 \\\r\nDHE-RSA-AES256-SHA \\\r\nDHE-RSA-AES256-SHA256\"\r\n.\r\n.\r\nSSLProtocol all -SSLv3 -TLSv1 -TLSv1.1\r\nSSLProxyProtocol all -SSLv3 -TLSv1 -TLSv1.1\r\n.\r\n.\r\n# for OCSP\r\nSSLUseStapling on\r\nSSLStaplingResponderTimeout 5\r\nSSLStaplingReturnResponderErrors off\r\nSSLStaplingCache shmcb:\/var\/run\/ocsp(128000)\r\n.\r\n.\r\n#ServerName www.example.com:443\r\n#ServerAdmin you@example.com\r\n.\r\n.\r\nSSLEngine on\r\n    #Include \/etc\/letsencrypt\/options-ssl-apache.conf\r\n    SSLCertificateFile \/etc\/letsencrypt\/live\/ji0vwl.net\/cert.pem\r\n    SSLCertificateKeyFile \/etc\/letsencrypt\/live\/ji0vwl.net\/privkey.pem\r\n    SSLCertificateChainFile \/etc\/letsencrypt\/live\/ji0vwl.net\/chain.pem\r\n.\r\n.\r\n#SSLCertificateFile \"\/usr\/local\/httpd2\/conf\/server.crt\"\r\n.\r\n.\r\n#SSLCertificateKeyFile \"\/usr\/local\/httpd2\/conf\/server.key\"\r\n-----------------------------------------\r\n:wq<\/pre>\n<p>HTTP\u30d0\u30fc\u30c1\u30e3\u30eb\u30db\u30b9\u30c8\u306e\u8a2d\u5b9a<\/p>\n<pre># vi httpd-vhosts-http.conf\r\n-----------------------------------------\r\n&lt;VirtualHost *:80&gt;\r\n    DocumentRoot \/var\/www\/html\r\n    ServerName test.ji0vwl.net\r\n\r\n    &lt;Directory \"\/var\/www\/html\/\"&gt;\r\n        Options FollowSymlinks Includes\r\n        AllowOverride All\r\n        AddType text\/html .html\r\n        Require all granted\r\n    &lt;\/Directory&gt;\r\n    \r\n    # HTTPS\u306b\u30ea\u30e9\u30a4\u30c8\u3059\u308b\u5834\u5408\u306f\u30b3\u30e1\u30f3\u30c8\u30a2\u30a6\u30c8\u89e3\u9664\r\n    #RewriteEngine on\r\n    #RewriteCond %{SERVER_NAME} =test.ji0vwl.net\r\n    #RewriteRule ^ https:\/\/%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]\r\n&lt;\/VirtualHost&gt;\r\n-----------------------------------------\r\n:wq<\/pre>\n<p>HTTPS\u30d0\u30fc\u30c1\u30e3\u30eb\u30db\u30b9\u30c8\u306e\u8a2d\u5b9a<\/p>\n<pre># vi httpd-vhosts-https.conf\r\n-----------------------------------------\r\n&lt;IfModule mod_ssl.c&gt;\r\n&lt;VirtualHost *:443&gt;\r\n    DocumentRoot \/var\/www\/html\r\n    ServerName test.ji0vwl.net\r\n    \r\n    # HTTP\/2\u6709\u52b9\u5316\uff08h2\u8ffd\u52a0\uff09\r\n    Protocols h2 http\/1.1\r\n\r\n    &lt;Directory \"\/var\/www\/html\/\"&gt;\r\n        Options FollowSymlinks Includes\r\n        AllowOverride All\r\n        AddType text\/html .html\r\n        Require all granted\r\n    &lt;\/Directory&gt;\r\n\r\n    # SSL\u8a3c\u660e\u66f8\r\n    #Include \/etc\/letsencrypt\/options-ssl-apache.conf\r\n    SSLCertificateFile \/etc\/letsencrypt\/live\/ji0vwl.net\/cert.pem\r\n    SSLCertificateKeyFile \/etc\/letsencrypt\/live\/ji0vwl.net\/privkey.pem\r\n    SSLCertificateChainFile \/etc\/letsencrypt\/live\/ji0vwl.net\/chain.pem\r\n&lt;\/VirtualHost&gt;\r\n&lt;\/IfModule&gt;\r\n-----------------------------------------\r\n:wq<\/pre>\n<h4>3. Apache 2.4.37 \u3092 httpd2.service \u306b\u767b\u9332<\/h4>\n<p>STEP2\u3067\u306f\u300csystemctl start httpd\u300d\u3068\u3084\u3063\u3066\u8d77\u52d5\u3057\u3066\u3044\u307e\u3057\u305f\u304c\u3001\u8ffd\u52a0\u3067\u5165\u308c\u305fApache2.4.37\u3082\u540c\u69d8\u306b\u300csystemctl start httpd2\u300d\u3067\u8d77\u52d5\u3067\u304d\u308b\u3088\u3046\u306b\u3001httpd2 \u3068\u3044\u3046\u540d\u524d\u306e\u30b5\u30fc\u30d3\u30b9\u3068\u3057\u3066\u767b\u9332\u3057\u307e\u3059\u3002reload=<a href=\"https:\/\/ex1.m-yabe.com\/archives\/2180\">graceful<\/a>\u52d5\u4f5c\u3067\u3059\u3002<\/p>\n<pre> # vi \/etc\/systemd\/system\/httpd2.service\r\n-----------------------------------------\r\n[Unit]\r\nDescription=The Apache HTTP Server\r\nAfter=network.target remote-fs.target nss-lookup.target\r\n \r\n[Service]\r\nType=forking\r\nExecStart=\/usr\/local\/httpd2\/bin\/apachectl start\r\nExecReload=\/usr\/local\/httpd2\/bin\/apachectl graceful\r\nExecStop=\/usr\/local\/httpd2\/bin\/apachectl stop\r\n \r\n[Install]\r\nWantedBy=multi-user.target\r\n-----------------------------------------\r\n:wq<\/pre>\n<pre># systemctl daemon-reload\r\n# systemctl list-unit-files | grep httpd2<\/pre>\n<h4>4. PHP 7.3.0 \u3092 \/usr\/local\/php \u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b<\/h4>\n<p>&#8211;with-apxs2=[dir]\u3067PHP\u3068Apache\u3092\u3001&#8211;with-openssl=[dir]\u3067PHP\u3068OpenSSL\u3092\u3001&#8211;with-mysql-sock=[dir]\u3067PHP\u3068mySQL\u3092\u7d50\u3073\u3064\u3051\u307e\u3059\u3002\u3058\u3064\u306fOpenSSL\u3088\u308a\u3082PHP\u306e\u65b9\u304c\u4ed6\u3068\u306e\u7d50\u5408\u304c\u591a\u304f\u3001\u96e3\u95a2\u3067\u3057\u305f\u3002\u3002<\/p>\n<pre># cd \/usr\/local\/src\r\n# yum -y install libxml2-devel systemd-devel libpng-devel\r\n# wget http:\/\/jp2.php.net\/get\/php-7.3.0.tar.gz\/from\/this\/mirror -O \/usr\/local\/src\/php-7.3.0.tar.gz\r\n# tar -xvzf php-7.3.0.tar.gz\r\n# cd php-7.3.0\r\n# .\/configure \\\r\n--prefix=\/usr\/local\/php \\\r\n--with-apxs2=\/usr\/local\/httpd2\/bin\/apxs \\\r\n--with-openssl=\/usr\/local\/ssl \\\r\n--with-mysql-sock=\/var\/lib\/mysql\/mysql.sock \\\r\n--with-mysqli \\\r\n--with-pdo-mysql \\\r\n--enable-mbstring \\\r\n--with-gd \\\r\n--with-zlib \\\r\n--with-fpm-systemd \\\r\n--with-fpm-user=apache \\\r\n--with-fpm-group=apache \\\r\n--enable-fpm\r\n# make\r\n# make install<\/pre>\n<h4>5. STEP2\u306ehttpd\u3092\u505c\u6b62\u3057\u3001\u4eca\u5165\u308c\u305fSTEP3\u306ehttpd2\u3092\u8d77\u52d5\u3057\u3066\u5b8c\u6210\uff01<\/h4>\n<pre># systemctl stop httpd\r\n# systemctl disable httpd\r\n# systemctl start httpd2\r\n# systemctl enable httpd2<\/pre>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>httpd2\u3092\u8d77\u52d5\u3057\u3066<a href=\"https:\/\/www.ssllabs.com\/ssltest\/analyze.html\">SSL Labs\u3067HTTPS\u306e\u691c\u8a3c<\/a>\u3092\u884c\u3063\u305f\u3068\u3053\u308d\u3002\u307e\u3060\u958b\u767a\u74b0\u5883\u3067\u306e\u52d5\u4f5c\u78ba\u8a8d\u30ec\u30d9\u30eb\u3067\u3059\u304c\u3001Apache 2.4.37\/OpenSSL 1.1.1a\/PHP 7.3.0\u306e\u74b0\u5883\u306b\u3066\u3001\u4eca\u73fe\u5728\u6700\u65b0\u306eTLS 1.3\u306e\u5bfe\u5fdc\u304c\u78ba\u8a8d\u3067\u304d\u307e\u3057\u305f\uff01<a href=\"https:\/\/test.ji0vwl.net\/wp-content\/uploads\/2019\/01\/bf2e41e9ebf76b4d8f5e731583b8c902.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1619\" src=\"https:\/\/test.ji0vwl.net\/wp-content\/uploads\/2019\/01\/bf2e41e9ebf76b4d8f5e731583b8c902-1024x742.png\" alt=\"\" width=\"800\" height=\"580\" srcset=\"https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/bf2e41e9ebf76b4d8f5e731583b8c902-1024x742.png 1024w, https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/bf2e41e9ebf76b4d8f5e731583b8c902-300x217.png 300w, https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/bf2e41e9ebf76b4d8f5e731583b8c902-768x557.png 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/a><a href=\"https:\/\/test.ji0vwl.net\/wp-content\/uploads\/2019\/01\/7a7ee11e4bdc4de793a0ea146083747b.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1615\" src=\"https:\/\/test.ji0vwl.net\/wp-content\/uploads\/2019\/01\/7a7ee11e4bdc4de793a0ea146083747b-1024x444.png\" alt=\"\" width=\"800\" height=\"347\" srcset=\"https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/7a7ee11e4bdc4de793a0ea146083747b-1024x444.png 1024w, https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/7a7ee11e4bdc4de793a0ea146083747b-300x130.png 300w, https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/7a7ee11e4bdc4de793a0ea146083747b-768x333.png 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/a><a href=\"https:\/\/test.ji0vwl.net\/wp-content\/uploads\/2019\/01\/c0bc3b1882adb92f812dd0d17925ef69.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1616\" src=\"https:\/\/test.ji0vwl.net\/wp-content\/uploads\/2019\/01\/c0bc3b1882adb92f812dd0d17925ef69-1024x444.png\" alt=\"\" width=\"800\" height=\"347\" srcset=\"https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/c0bc3b1882adb92f812dd0d17925ef69-1024x444.png 1024w, https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/c0bc3b1882adb92f812dd0d17925ef69-300x130.png 300w, https:\/\/ji0vwl.net\/wp-content\/uploads\/2019\/01\/c0bc3b1882adb92f812dd0d17925ef69-768x333.png 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n<p>Apache-OpenSSL-PHP\u306e\u7d50\u3073\u3064\u304d\u304c\u5f37\u56fa\u3059\u304e\u3066\u3001OpenSSL\u3092\u5165\u308c\u66ff\u3048\u308b\u3068Apache\u3084PHP\u3082\u30d3\u30eb\u30c9\u3057\u76f4\u3055\u306a\u3051\u308c\u3070\u306a\u3089\u305a\u3001\u52d5\u4f5c\u3055\u305b\u308b\u306e\u306b\u975e\u5e38\u306b\u82e6\u52b4\u3057\u307e\u3057\u305f\u3002\u3082\u3046\u5c11\u3057\u3044\u3058\u3063\u3066\u307f\u3066\u3001\u5b89\u5b9a\u52d5\u4f5c\u304c\u78ba\u8a8d\u3067\u304d\u305f\u3089\u672c\u756a\u74b0\u5883\u306b\u3082\u5165\u308c\u3066\u307f\u3088\u3046\u304b\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n<p>\u4eca\u307e\u3067\u306fVPS1\u53f0\u3060\u3063\u305f\u306e\u3067\u5371\u306a\u3044\u6a4b\uff08yum\u4ee5\u5916\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\uff09\u306f\u6e21\u308c\u307e\u305b\u3093\u3067\u3057\u305f\u304c\u3001AWS\u306a\u3089\u597d\u304d\u306b\u958b\u767a\u74b0\u5883\u3092\u4f5c\u3063\u3066\u3001\u8aa4\u3063\u3066\u58ca\u3057\u3061\u3083\u3063\u3066\u3082\u6f70\u3057\u3066\u4f5c\u308a\u76f4\u305b\u3070\u826f\u3044\u306e\u3067\u3068\u3066\u3082\u6c17\u304c\u697d\u306b\u306a\u308a\u307e\u3057\u305f\u3002\u30b5\u30fc\u30d0\u306e\u52c9\u5f37\u306b\u306f\u6700\u9069\u3067\u3059\u306d\u3002<\/p>\n<p>&nbsp;<\/p>\n<hr \/>\n<h4>\u8ffd\u8a18<\/h4>\n<p>\u672c\u756a\u74b0\u5883\u306b\u53cd\u6620\u3055\u305b\u308b\u5834\u5408\u306f\u3001Let&#8217;s Encrypt\u306eSSL\u8a3c\u660e\u66f8\u66f4\u65b0\u5f8c\u306ereload\u3092httpd2\u306b\u5909\u66f4\u3059\u308b\u306e\u3092\u5fd8\u308c\u305a\u306b\uff01<\/p>\n<pre># vi \/etc\/cron.d\/dailyjobs\r\n-------------------------------\r\n.\r\n.\r\n# run-parts\r\n0 3 1 * * root \/bin\/certbot renew --force-renew --rsa-key-size 4096 --post-hook \"systemctl reload httpd2\"\r\n.\r\n.\r\n-------------------------------\r\n:wq\r\n<\/pre>\n<pre># systemctl restart crond\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>CentOS7\u306bApache2.4.37+OpenSSL1.1.1a+PHP7.3.0\u3092\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb \u305d\u306e\u3046\u3061OpenSSL 1.1.1\u3092\u5165\u308c\u3066TLS 1.3\u306b\u5bfe\u5fdc\u3057\u305f\u3044\u306a\u3041\u3068\u601d\u3044\u306a\u304c\u3089\u3082\u3001OpenSSL\u306f\u3044\u308d &hellip; <a href=\"https:\/\/ji0vwl.net\/index.php\/2019\/01\/04\/1603\/\" class=\"more-link\">\u7d9a\u304d\u3092\u8aad\u3080 <span class=\"screen-reader-text\">Apache2.4.37 + OpenSSL1.1.1a\u3092\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1603","post","type-post","status-publish","format-standard","hentry","category-server"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/posts\/1603","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/comments?post=1603"}],"version-history":[{"count":0,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/posts\/1603\/revisions"}],"wp:attachment":[{"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/media?parent=1603"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/categories?post=1603"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/tags?post=1603"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}