¼ø¶È»ñÎÁ/Âè07²ó
24»þ´ÖÅŸ»¤¬Æþ¤Ã¤Æ¤¤¤ë¤ï¤±¤Ç¤Ï¤Ê¤¤¥µ¡¼¥Ð¤Ë¤Ä¤¤¤Æ¤Î¿´¹½¤¨ †
Á°²ó¤Î¼ø¶È¤Ç¡¤¥»¥¥å¥ê¥Æ¥£Âкö¤È¤·¤Æ¤Î OS, Ports/Pacages ¤ÎȾ¼«Æ°Åª¤ÊÀȼåÀ¾ðÊó¼ý½¸¤Ë¤Ä¤¤¤Æ³Ø¤ó¤À¤¬¡¤24»þ´ÖÅŸ»¤¬Æþ¤Ã¤Æ¤¤¤ÆȾ¼«Æ°Åª¤Ë¾õ¶·¤ò¥Á¥§¥Ã¥¯¤Ç¤¤Æ¤¤¤ë¥·¥¹¥Æ¥à¤Ç¤Ï¤Ê¤¤¾ì¹ç, ¤³¤¦¤·¤¿È¾¼«Æ°²½¤¬Í¸ú¤Ç¤Ï¤Ê¤¤.
¤Ä¤Þ¤ê¡¤ÅŸ»¤òÆþ¤ì¤¿¤È¤¤Ë¥·¥¹¥Æ¥à¤Î¾õ¶·¥Á¥§¥Ã¥¯¤ò¹Ô¤¦¤·¤«¤Ê¤¤.
¤³¤ì¤òµ¯Æ°»þ¤Ë¼«Æ°Åª¤Ë¹Ô¤¦¤è¤¦¤Ë¤·¤Æ¤â¤è¤¤¤¬¡¤¤³¤³¤Ç¤ÏÁ°²ó¤Î³Ø½¬ÆâÍƤò³è¤«¤·¤Æ´Êñ¤ËǽưŪ¤Ë¹Ô¤¦¤³¤È¤ò¹Í¤¨¤è¤¦.
¶ñÂÎŪ¤Ë¤Ï¡¤ÅŸ»¤òÆþ¤ì¤¿¤é¤Ê¤ë¤Ù¤¯¤Ï°Ê²¼¤Îºî¶È¤ò¹Ô¤ª¤¦.
(OS ¤Î¥Ð¡¼¥¸¥ç¥ó¤¬¸Å¤¹¤®¤Ê¤¤¤«¤Î¥Á¥§¥Ã¥¯¤Ë»È¤¨¤ë)
freebsd-update fetch
(¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë Ports/Packages ¤ÎÀȼåÀ¤Î¥Á¥§¥Ã¥¯)
portaudit -adF
(Ports ¾ðÊó¤Î¹¹¿·)
portsnap fetch portsnap update
(¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë Ports/Packages ¤¬¤É¤ì¤¯¤é¤¤¸Å¤¤¤«¤Î»²¹Í¤Ë. ¤¿¤À¤·¤³¤ÎÁàºî¤Ï»þ´Ö¤¬¤«¤«¤ë¤Î¤Ç¾õ¶·¤Ë±þ¤¸¤Æ.)
portupgrade -na
¥µ¡¼¥Ð¥µ¡¼¥Ó¥¹¤ÎÄó¶¡: web ¥µ¡¼¥Ð¤Ë¤Ä¤¤¤Æ³µÍ× †
¤µ¤Æ¡¤¥Í¥Ã¥È¥ï¡¼¥¯¥µ¡¼¥Ó¥¹¤ÎÃæ¤Ç¤â´ðËܤ¬¥·¥ó¥×¥ë¤Ê Web ¥µ¡¼¥Ð¤ò¼ÂºÝ¤ËÆ°¤«¤·¤Æ¤ß¤è¤¦.
Web ¤È¤¤¤¦»ÅÁȤߤϥ·¥ó¥×¥ë¤Ç¤¢¤ë¤è¤¦¤ËÀ߷פµ¤ì¤¿¤â¤Î¤Ç¤¢¤ë¤Î¤Ç¡¤¾å¤Î¿Þ¤Ë¤ß¤ë¤è¤¦¤Ë´ðËܹ½Â¤¤Ï¤È¤Æ¤âÍý²ò¤·¤ä¤¹¤¤.
´ðËܤϥ·¥ó¥×¥ë¤Ê¤Î¤À¤¬¡¤¤½¤Î¾å¤ËŸ³«¤µ¤ì¤Æ¤¤¤ë±þÍѵ»½Ñ¤Ïº£¤È¤Ê¤Ã¤Æ¤Ï·ë¹½Ê£»¨¤Ç¡¤Á´ËƤÎÇÄ°®¤Ï´Êñ¤Ç¤Ï¤Ê¤¤¤«¤â.
¾ÜºÙ¤Ï¸å¤ÇÀâÌÀ¤¹¤ë¤¬¡¤°ìÈÌ¤Ë Port 80 ¤ÏÄ̾ï¤Î Web ¤Î¤ä¤ê¼è¤ê(HTTP)¤Ë»È¤¤¡¤Port 443 ¤Ï SSL ¤Ç¤Î web ¾ðÊó¤Î¤ä¤ê¤È¤ê(HTTPS)¤Ë»È¤ï¤ì¤ë¤³¤È¤¬Â¿¤¤.
¤È¤¤¤¦¤³¤È¤Ç¡¤º£²ó¤Ï Web ¥µ¡¼¥Ð¤òÍÑ°Õ¤·¡¤Æ°¤«¤·¤Æ¤ß¤ë.
Web ¥µ¡¼¥Ð¥½¥Õ¥È¥¦¥§¥¢ Apache †
web ¥µ¡¼¥Ð¤È¤·¤ÆÎò»Ë¤¬¤¢¤ê¤«¤ÄºÇ¤âÎɤ¯»È¤ï¤ì¤ë¤â¤Î¤Ï¸½»þÅÀ¤Ç¤ÏApache*1 ¤Ç¤¢¤ë.
¤³¤ì¤Ï Apache Software Foundation( http://www.apache.org )¤Ç³«È¯¤µ¤ì¤Æ¤¤¤ë.
ÀȼåÀ¤¬Æä˽ÅÂç¤ÊÌäÂê¤È¤Ê¤ê¤¬¤Á¤Ê web¥µ¡¼¥Ð¥×¥í¥°¥é¥à¤È¤·¤Æ¤Ï¡¤¡Ö¹¤¯»È¤ï¤ì¤Æ¤¤¤Æ¡¤¾ðÊó¤¬ÁÇÁ᤯ÃΤé¤ì¤ë¡×¤³¤¦¤·¤¿¤â¤Î¤ò»È¤¦¤Î¤¬¤è¤¤¤À¤í¤¦.
¥¤¥ó¥¹¥È¡¼¥ëÁ°¤Î½àÈ÷ †
ÍøÍѤ¹¤ëÁ°¤Î¥é¥¤¥»¥ó¥¹³Îǧ †
²¿¤«¥½¥Õ¥È¥¦¥§¥¢¤òƳÆþ¤¹¤ë¤È¤¤Ï¡¤¤Þ¤º¤Ï¤È¤â¤«¤¯¥é¥¤¥»¥ó¥¹¤ò³Îǧ¤·¤è¤¦. ¶ñÂÎŪ¤Ë¤Ï Apache Software Foundation ¤Î Web ¤ò±ÜÍ÷¤·¡¤¤½¤¦¤·¤¿¹àÌܤòõ¤·¤ÆÆɤ⤦*2.
¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Ê¤¤¤«¥Á¥§¥Ã¥¯ †
Web ¥µ¡¼¥Ð¤¬´û¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤¿¤ê¡¤Æ°¤¤¤Æ¤¤¤¿¤ê¤·¤Ê¤¤¤«¥Á¥§¥Ã¥¯¤·¤è¤¦. ¶ñÂÎŪ¤Ë¤Ï¡¤
- ¤Þ¤º¡¤/etc/rc.conf ¤òÆɤߡ¤¤Þ¤¿¡¤/usr/local/etc/rc.d (¥Ç¥£¥ì¥¯¥È¥ê)¤ò¸«¤Æ¡¤apache ¤ä httpd ¤Ê¤É¤Îµ½Ò/¸ºß¤Ê¤É¤¬Ìµ¤¤¤«¤ò¥Á¥§¥Ã¥¯.
- ¼¡¤Ë¡¤
pkg_info | grep -i apache
¤Î½ÐÎÏ·ë²Ì¤ò¤ß¤Æ, Ports/Packages ¤È¤·¤Æ Apache ¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Ê¤¤¤«¥Á¥§¥Ã¥¯.
- ¼¡¤Ë¡¤
ps -axuww | grep -i http
¤Î½ÐÎÏ·ë²Ì¤ò¤ß¤Æ, web server ¤ÎÎत¤¬Æ°¤¤¤Æ¤¤¤Ê¤¤¤«(¤¿¤Ö¤ó httpd ¤È¤¤¤¦Ì¾Á°¤ÇÆ°¤¤¤Æ¤¤¤ë¤¿¤á)¤â¥Á¥§¥Ã¥¯.
- ¼¡¤Ë¡¤
lsof -i4 | grep -i http
¤Î½ÐÎÏ·ë²Ì¤ò¤ß¤Æ, ¥Í¥Ã¥È¥ï¡¼¥¯¥µ¡¼¥Ó¥¹¤È¤·¤Æ httpd ¤¬Æ°¤¤¤Æ¤¤¤Ê¤¤¤«¥Á¥§¥Ã¥¯.
¾åµÁ´¤Æ¤ò¤Þ¤º¥Á¥§¥Ã¥¯¤·¤è¤¦.
¤½¤Î¤Ä¤â¤ê¤¬¤Ê¤¤¤Î¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë¤È¤¤¤¦¤è¤¦¤Ê¾ì¹ç¤Ï¡¤Ç°¤Î°Ù¤Ë°ìö¥¢¥ó¥¤¥¹¥È¡¼¥ë¤·¤è¤¦*3.
¥¤¥ó¥¹¥È¡¼¥ë¤¹¤Ù¤¥Ð¡¼¥¸¥ç¥ó¤ÎÇÄ°® †
¤È¤ê¤¢¤¨¤ººÇ¿·¥Ð¡¼¥¸¥ç¥ó¤Ç¤è¤¤¤è¤¦¤Ë»×¤¦¤À¤í¤¦¤¬¡¤¤³¤ì¤°¤é¤¤Â礤ʥ½¥Õ¥È¥¦¥§¥¢¤À¤È¤½¤¦¤â¤¤¤«¤Ê¤¤¤³¤È¤â¤¢¤ë.
¤½¤³¤Ç¡¤Â礶¤Ã¤Ñ¤Ç¤è¤¤¤Î¤Ç¥Ð¡¼¥¸¥ç¥ó¤Ë¤è¤ë°ã¤¤¤¬¤É¤¦¤Ê¤Î¤«Ä´¤Ù¤Æ¤ª¤³¤¦.
Âç¤Þ¤«¤Ëʬ¤±¤Æ apache ¤Ë¤Ï¸½ºß¤Ï 1.3·ÏÅý¡¤2.0·ÏÅý¡¤2.2·ÏÅý¤Î3¤Ä¤Î¥Ð¡¼¥¸¥ç¥ó¤¬¤¢¤ë.
¤³¤ì¤é¤Ë¤É¤Î¤è¤¦¤Ê°ã¤¤¤¬¤¢¤ë¤Î¤«¡¤Â礶¤Ã¤Ñ¤Ë¤Ç¤è¤¤¤Î¤Ç¤·¤é¤Ù¤è. ¤³¤Î»þÃíÌܤ¹¤Ù¤¥Ý¥¤¥ó¥È¤Ï¡¤
- µ¡Ç½¤ÎÊѹ¹¤Ï¤É¤¦¤«¡Ä ¤ÏÅöÁ³¤È¤·¤Æ¡¤
- ¥é¥¤¥»¥ó¥¹¤ÎÊѹ¹¤Ï¤Ê¤¤¤«
- ÍøÍѤǤ¤ë´Ä¶(OS ¤ä´ðÁäȤʤ륽¥Õ¥È¥¦¥§¥¢¤Î¥Ð¡¼¥¸¥ç¥ó)¤ÎÊѹ¹¤Ï¤É¤¦¤«
- °ÂÄꤷ¤ÆÆ°¤¤¤Æ¤¤¤½¤¦¤«
- ¥Þ¥Ë¥å¥¢¥ëÅù¤Ï½¼¼Â¤·¤Æ¤¤¤ë¤«
¤Ê¤É¤Ë¤Ê¤ë.
¥¤¥ó¥¹¥È¡¼¥ë †
¤µ¤Æ¡¤º£²ó¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¥Ð¡¼¥¸¥ç¥ó¤Ï 2.2 ·ÏÅý¤È¤·¤Æ¤ª¤¯. ÆäËÌäÂê¤Ï¤Ê¤¤¤Ï¤º¤À.
Ports ¤òÍѤ¤¤Æ¥¤¥ó¥¹¥È¡¼¥ë †
¤½¤·¤Æ¥¤¥ó¥¹¥È¡¼¥ë¤Ï ports ¤«¤é¤Î¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤è¤¤¡Ä¤È¤¤¤¦¤«¡¤¤½¤ì¤¬¤è¤¤.
portsnap fetch portsnap update
¤È¤·¤ÆÇ°¤Î°Ù¤Ë ports ¤òºÇ¿·¤Î¤â¤Î¤Ë¤·¤Æ¤«¤é¡¤°Ê²¼¤Î¤è¤¦¤Ë¤·¤Æ¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë.
cd /usr/ports portinstall www/apache22
¤³¤ì¤Ç 2.2.9_5 ¤Î¥¤¥ó¥¹¥È¡¼¥ë¤¬»Ï¤Þ¤ë.
¤·¤Ð¤é¤¯¤¹¤ë¤È¡¤Apache ¤Î¥¤¥ó¥¹¥È¡¼¥ë¥ª¥×¥·¥ç¥ó¤ò
¤Èʹ¤¤¤Æ¤¯¤ë¤Î¤Ç¡¤
- IPv6 ¤Î¥Á¥§¥Ã¥¯¤ò³°¤¹ (¤³¤Î¼ø¶È¤Ç¤Ï IPv6 ¤Ï»È¤ï¤Ê¤¤¤Î¤Ç)
¤ÈÊѹ¹¤¹¤ë¤°¤é¤¤¤Ç¡¤¤¢¤È¤Ï¤½¤Î¤Þ¤Þ¤Ç¿Ê¤á¤Æ¤è¤¤¤À¤í¤¦.
Ports ¤Î¥¤¥ó¥¹¥È¡¼¥ë¥ª¥×¥·¥ç¥ó¤Ï°ì²óÀßÄꤹ¤ë¤ÈµÏ¿¤µ¤ì¡¤¼¡¤«¤é¤Ï¤½¤ÎÀßÄ꤬»È¤ï¤ì¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë.
¤½¤Î¤¿¤á¡¤´Ö°ã¤¨¤¿ÀßÄê¤ò¤·¤Æ¤·¤Þ¤Ã¤¿¤Î¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤ò¤ä¤êľ¤·¤¿¤¤¡¤¤È¤¤¤¦¤è¤¦¤Ê¾ì¹ç¤Ïº¤¤ë.
¤½¤¦¤·¤¿¾ì¹ç¤Ï¡¤/var/db/ports ¤Î²¼¤Ë¤¢¤ë¥ª¥×¥·¥ç¥ó¤¬µÏ¿¤µ¤ì¤¿¥Õ¥¡¥¤¥ë options ¤ò¾Ãµî¤·¤Æ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤·¤è¤¦. ¤½¤¦¤¹¤ì¤ÐºÆ¤Ó¥ª¥×¥·¥ç¥óÀßÄê¤ò¿Ò¤Í¤Æ¤¯¤ë.
¤³¤¦¤·¤¿Â礤ʥ½¥Õ¥È¥¦¥§¥¢¤Ç¤Ï, ¥¤¥ó¥¹¥È¡¼¥ë»þ¤Ë½ÅÍפÊÃí°ÕÅÀ¤Ê¤É¤¬²èÌ̤˽ÐÎϤµ¤ì¤ë.
¤³¤¦¤·¤¿Ãí°ÕÅÀ¤ò¸«Æ¨¤¹¤ÈÂçÊѤʤ³¤È¤Ë¤Ê¤ë¤³¤È¤â¤¢¤ë¤Î¤Ç¡¤°ìÄ̤êÌܤòÄ̤¹¤³¤È¤ò˺¤ì¤Æ¤Ï¤¤¤±¤Ê¤¤.
¥¹¥¯¥í¡¼¥ë¤¬Â®¤¯¤Æ¿ʬÆɤߤ¤ì¤Ê¤¤¤À¤í¤¦¤¬¡¤Ports ¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿¾ì¹ç¤Ï¡¤¥í¥°¤ò»Ä¤¹¤è¤¦¤Ë°ÊÁ°ÀßÄꤷ¤Æ¤¢¤ë¤Î¤Ç¡¤¤½¤Î¥í¥°¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¬½ª¤ï¤Ã¤¿¤¢¤È¤Ë¤æ¤Ã¤¯¤êÆɤá¤Ð¤è¤¤.
Ports ¤Î¥¤¥ó¥¹¥È¡¼¥ë¥í¥°¤Ï¡¤°ÊÁ°¤ÎÀßÄêÄ̤ê¤Ê¤é¤Ð /var/log/ports °Ê²¼¤Ë¤¢¤ë¤Ï¤º¤À.
¥¤¥ó¥¹¥È¡¼¥ë¤¬½ª¤ï¤Ã¤¿¤é¡¤¥¤¥ó¥¹¥È¡¼¥ë¥í¥°¤òÆɤó¤Ç¡¤Ãí°ÕÅÀ¤Ê¤É¤¬¤Ê¤¤¤«¥Á¥§¥Ã¥¯¤·¤è¤¦.
¤¿¤À¤·¡¤Apache ¤Î¥¤¥ó¥¹¥È¡¼¥ë¤ËɬÍפʡÖ¾¤Î¥½¥Õ¥È¥¦¥§¥¢¡×¤¬°ì½ï¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì, ¤½¤ì¤Ë¤Ä¤¤¤ÆÃí°ÕÅÀ¤¬Â¸ºß¤¹¤ë¤³¤È¤â¹Í¤¨¤é¤ì¤ë¤Î¤Ç¡¤
cd /var/log/ports ls -lgaF
¤Ê¤É¤È¤·¤Æ¥í¥°¥Õ¥¡¥¤¥ë¤ÎÆüÉÕ¤ò¥Á¥§¥Ã¥¯¤·¤Æ¡¤Apache ¤È°ì½ï¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¤È»×¤ï¤ì¤ë¿·¤·¤¤¥½¥Õ¥È¤Î¥í¥°¥Õ¥¡¥¤¥ëÁ´¤Æ¤ËÌܤòÄ̤½¤¦.
¼ÂºÝ¡¤¾å¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ë¤À¤í¤¦ www::apache22.log ¤òÆɤó¤Ç(¥Õ¥¡¥¤¥ë¤ÎºÇ½é¤ÎÉôʬ¤Ï¤·¤Ð¤é¤¯¤Ï¥ª¥×¥·¥ç¥óÁªÂò²èÌ̤Τ¿¤á¤Î¥¨¥¹¥±¡¼¥×¥·¡¼¥±¥ó¥¹¤ÎÍò¤ÇÆɤߤˤ¯¤¤¤¬²æËý¤·¤ÆÀè¤Ø¿Ê¤à)
¥á¥Ã¥»¡¼¥¸¤äÃí°Õ½ñ¤ËÁêÅö¤·¤½¤¦¤ÊÉôʬ¤òÈ´¤½Ð¤¹¤È°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ë.
(¥ª¥×¥·¥ç¥óÁªÂò²èÌÌľ¸å¤°¤é¤¤)
To enable a module category: WITH_<CATEGORY>_MODULES
To disable a module category: WITHOUT_<CATEGORY>_MODULES
Per default categories are:
AUTH AUTHN AUTHZ DAV CACHE MISC
Categories available:
AUTH AUTHN AUTHZ CACHE DAV EXPERIMENTAL LDAP MISC PROXY SSL SUEXEC THREADS
To see all available knobs, type make show-options
To see all modules in different categories, type make show-categories
You can check your modules configuration by using make show-modules
¥ª¥×¥·¥ç¥ó¤Î On/Off ¤ä¸½¾õÀßÄ꤬¤É¤¦¤Ê¤Ã¤Æ¤¤¤ë¤«¤òÃΤëÊýË¡¤ÎÀâÌÀ¤À.
º£²ó¤Ï¤È¤ê¤¢¤¨¤ºµ¤¤Ë¤·¤Ê¤¯¤Æ¤è¤¤¤À¤í¤¦.
(¼ÂºÝ¤Î¥¤¥ó¥¹¥È¡¼¥ë¤¬»Ï¤Þ¤Ã¤Æ¤«¤é)
Libraries have been installed in:
/usr/local/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,--rpath -Wl,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¥é¥¤¥Ö¥é¥ê¤ò¼«ºî¥½¥Õ¥È¤Ç»È¤¤¤¿¤±¤ì¤Ð¤³¤¦¤·¤í¡¤¤È¤¤¤¦ÏäÀ.
¤³¤ì¤âº£²ó¤Ï¤È¤ê¤¢¤¨¤ºµ¤¤Ë¤·¤Ê¤¯¤Æ¤è¤¤¤À¤í¤¦.
(¥¤¥ó¥¹¥È¡¼¥ë¼Âºî¶È¤½¤Î¤â¤Î¤¬¤Û¤Ü½ª¤ï¤Ã¤¿¤È¤³¤í¤Ç)
To run apache www server from startup, add apache22_enable="YES"
in your /etc/rc.conf. Extra options can be found in startup script.
Apache ¤ò¡¤¥µ¡¼¥Ðµ¯Æ°»þ¤«¤é(¼«Æ°Åª¤Ë)Æ°¤¯¤è¤¦¤Ë¤·¤¿¤±¤ì¤Ð¤³¤¦¤·¤í¡¤¤Þ¤¿¡¤ºÙ¤«¤¤¥ª¥×¥·¥ç¥óÅù¤Ïµ¯Æ°¥¹¥¯¥ê¥×¥È¤Ë½ñ¤¤¤Æ¤¢¤ë¤Ï¤º¡¤¤È¤¤¤¦ÏäÀ.
·ë¹½½ÅÍפʥá¥Ã¥»¡¼¥¸¤À. ¤³¤ì¤ò¸«Æ¨¤µ¤Ê¤¤¤è¤¦¤Ë¤·¤è¤¦.
¤³¤¦¤·¤¿µ¯Æ°¥¹¥¯¥ê¥×¥È¥Õ¥¡¥¤¥ë¤Ï¡¤¤¿¤¤¤Æ¤¤¤Ï /usr/local/etc/rc.d ¤È¤¤¤¦¥Ç¥£¥ì¥¯¥È¥ê¤ËÇÛÃÖ¤µ¤ì¤ë.
(¤Û¤ÜºÇ¸å¤Ç)
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/lib/libapr-1.so.3
This port has installed the following startup scripts which may cause
these network services to be started at boot time.
/usr/local/etc/rc.d/apache22
/usr/local/etc/rc.d/htcacheclean
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
¥»¥¥å¥ê¥Æ¥£Åª¤Ë¥ê¥¹¥¯¤ò¤â¤Á¤¦¤ëÉôʬ¤Ë¤Ä¤¤¤ÆÀâÌÀ¤¬¤¢¤ë.
ñ¤Ë¡Ö¤½¤¦¤·¤¿²ÄǽÀ¤Î¤¢¤ê¤¦¤ë¡×¥½¥Õ¥È¤ä¥é¥¤¥Ö¥é¥ê¤¬µ¡³£Åª¤ËÎóµó¤µ¤ì¤ë¤À¤±¤Ê¤Î¤Ç¤³¤ì¤ò¤ß¤Æ¤¹¤°¤Ë¤É¤¦¤³¤¦¤È¤¤¤¦¤â¤Î¤Ç¤Ï¤Ê¤¤¤¬¡¤¤È¤ê¤¢¤¨¤ºÌܤòÄ̤·¤Æ¤ª¤¯¤Ù¤¤À¤í¤¦.
Apache ¤Îµ¯Æ° †
µ¯Æ°ÀßÄê †
¤Þ¤º¤Ï OS ¥Ö¡¼¥È»þ¤Ë Apache ¤¬Æ°¤¯¤è¤¦¤Ë¤·¤è¤¦.
¾å¤Ë»ØÄꤵ¤ì¤¿¤è¤¦¤Ëºî¶È¤ò¤·¤Æ¤«¤é¡¤¥ê¥Ö¡¼¥È¤·¤è¤¦.
µ¯Æ°¥Á¥§¥Ã¥¯ †
¤µ¤Æ¡¤¤³¤ì¤Ç´û¤Ëµ¯Æ°»þ¤Ë Apache ¤¬µ¯Æ°¤¹¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Ï¤º.
¤½¤³¤Ç¡¤³Î¤«¤Ëµ¯Æ°¤·¤Æ¤¤¤ë¤«³Îǧ¤·¤è¤¦.
- ¤Þ¤º¤Ï¾å¤Ç¥¤¥ó¥¹¥È¡¼¥ëÁ°¤Ë¥Á¥§¥Ã¥¯¤·¤¿ lsof ¤ÎÊýË¡¤ò»È¤¦¤Î¤¬¤è¤¤¤À¤í¤¦.
- ¼¡¤Ë¡¤Æ°¤¤¤Æ¤¤¤½¤¦¤Ê¤é¤Ð¤µ¤é¤Ë (firefox Åù¤Î) Web Browser ¤Ç http://localhost/ ¤Ë¥¢¥¯¥»¥¹¤·¤Æ¤ß¤è¤¦. "It Works!" ¤Ê¤É¤Èɽµ¤µ¤ì¤ì¤Ð Apache ¤¬³Î¼Â¤ËÆ°¤¤¤Æ¤¤¤ë.
Æ°¤¤¤Æ¤¤¤Ê¤¤¾ì¹ç¤Ï¤É¤¦¤ä¤Ã¤Æ¸¶°ø¤òÆͤ»ß¤á¤ì¤Ð¤è¤¤¤«?
Î㤨¤Ð¡¤¼¡¤Î½ç½ø¤ÇÄ´¤Ù¤ì¤Ð¤ª¤ª¤è¤½¸¶°ø¤¬Æͤ»ß¤á¤é¤ì¤è¤¦.
- /var/log/ ¤Î²¼¤Ë httpd-error.log ¤È¤¤¤¦¤è¤¦¤Ê¥Õ¥¡¥¤¥ë¤¬¤¢¤ë¤«Ä´¤Ù¤ë. ¤³¤ì¤¬Ìµ¤¤¤è¤¦¤Ê¾ì¹ç¤Ï¡¤Apache ¤Ï¡Öµ¯Æ°¤·¤è¤¦¤È¤¹¤é¤·¤Ê¤«¤Ã¤¿¡×¤È¤¤¤¦¤³¤È¤Ê¤Î¤Ç¡¤/etc/rc.conf ¤Ë½ñ¤¤³¤ó¤Àʸ»úÎó¤Î¥¹¥Ú¥ë¥ß¥¹¤Ê¤É¤¬¸¶°ø¤È¤¤¤¦²ÄǽÀ¤¬¹â¤¤.
- /var/log/httpd-error.log ¤òÆɤà. ¤¹¤ë¤È Apache ¤Îµ¯Æ°ÅÓÃæ¤ÎµÏ¿¤¬¤¢¤ë¤Ï¤º¤À. ¤³¤ÎÃæ¤Ë [alert] ¤Ê¤É¤È¤¤¤¦¸Ä½ê¤¬¤¢¤ì¤Ð¤½¤³¤¬ÌäÂê¤ò»ØŦ¤·¤Æ¤¤¤ë¸Ä½ê¤Ê¤Î¤Ç¡¤¤½¤Î¥á¥Ã¥»¡¼¥¸¤ò¤·¤Ã¤«¤êÆɤó¤ÇÍý²ò¤·¤è¤¦.
¼¡¤Ë¡¤CGI (Common Gateway Interface)¤Î¥Æ¥¹¥È¤ÈÀܳ¾õ¶·¤Î¥Á¥§¥Ã¥¯¤ò·ó¤Í¤Æºî¶È¤·¤è¤¦.
¶ñÂÎŪ¤Ë¤Ï¡¤
cd /usr/local/www/apache22/cgi-bin chmod aog+x ./printenv
¤È¤·¤Æ¡¤¥µ¥ó¥×¥ë cgi ¤ÎÆ°ºîµö²Ä¤ò½Ð¤·¤Æ¤«¤é¡¤º£ÅÙ¤Ï http://localhost/cgi-bin/printenv ¤ËÀܳ¤·¤Æ¤ß¤è¤¦. ¤¹¤ë¤È
DOCUMENT_ROOT="/usr/local/www/apache22/data"
GATEWAY_INTERFACE="CGI/1.1"
HTTP_ACCEPT="text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
HTTP_ACCEPT_CHARSET="Shift_JIS,utf-8;q=0.7,*;q=0.7"
HTTP_ACCEPT_ENCODING="gzip,deflate"
HTTP_ACCEPT_LANGUAGE="ja,en-us;q=0.7,en;q=0.3"
HTTP_CONNECTION="keep-alive"
HTTP_HOST="¥Û¥¹¥È"
HTTP_KEEP_ALIVE="300"
HTTP_USER_AGENT="¥¢¥¯¥»¥¹¤·¤¿ web browser ¤Î¾ðÊó"
PATH="/sbin:/bin:/usr/sbin:/usr/bin"
QUERY_STRING=""
REMOTE_ADDR="¥¢¥¯¥»¥¹¤·¤¿¥Û¥¹¥È"
REMOTE_PORT="2036"
REQUEST_METHOD="GET"
REQUEST_URI="/cgi-bin/printenv"
SCRIPT_FILENAME="/usr/local/www/apache22/cgi-bin/printenv"
SCRIPT_NAME="/cgi-bin/printenv"
SERVER_ADDR="¥µ¡¼¥Ð¤Î¥¢¥É¥ì¥¹"
SERVER_ADMIN="¥µ¡¼¥Ð¤Î´ÉÍý¼Ô"
SERVER_NAME="¥µ¡¼¥Ð¤Î̾Á°"
SERVER_PORT="80"
SERVER_PROTOCOL="HTTP/1.1"
SERVER_SIGNATURE=""
SERVER_SOFTWARE="Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2"
UNIQUE_ID="¥ê¥¯¥¨¥¹¥ÈËè¤Ë°ì°Õ¤Ê ID"
¤È¤¤¤¦¤è¤¦¤Êɽ¼¨¤¬½Ð¤Æ¡¤Àܳ¤·¤¿¤È¤¤Î´Ä¶Åù¤¬¤ï¤«¤ë.
Web ¥µ¡¼¥Ð¤Î¾õ¶·¤¬Îɤ¯Ê¬¤«¤é¤Ê¤¤¡Ä¤È¤¤¤¦¤è¤¦¤Ê»þ¤Ï¤³¤¦¤·¤Æ´ðËܾðÊó¤òÆÀ¤è¤¦.
¤Ê¤ª¡¤¤³¤ì¤é¤Î¾ðÊó¤¬Ã¯¤Ë¤Ç¤â¸«¤¨¤Æ¤·¤Þ¤¦¤Î¤Ï¤¢¤Þ¤êÎɤ¯¤Ê¤¤¤Î¤Ç¡¤°Ê²¼¤Î¤è¤¦¤Ë¤·¤Æ¥µ¥ó¥×¥ë cgi ¤¬Æ°ºî¤·¤Ê¤¤¤è¤¦¤ËÌᤷ¤Æ¤ª¤³¤¦.
cd /usr/local/www/apache22/cgi-bin chmod aog-x ./printenv
CGI ¤È¤Ï¤´¤¯¤´¤¯´Êñ¤Ë¸À¤¨¤Ð Web¥µ¡¼¥Ð¤Ë¥¢¥¯¥»¥¹¤·¤Æ¥µ¡¼¥Ð¾å¤ÇÆ°¤«¤»¤ë¥×¥í¥°¥é¥à¤Ç¤¢¤ë. ¥»¥¥å¥ê¥Æ¥£¾å¤Î¡Ö·ê¡×¤È¤Ê¤ê¤ä¤¹¤¤¤Î¤Ç¡¤CGI ¤Ë¤Ä¤¤¤Æ¤ÏÆäËÃí°Õ¿¼¤¯ºî¶È¤·¤è¤¦.
¼¡¤Ë¼êÆ°¤Ç apache ¤òÆ°¤«¤·¤¿¤êÄä¤á¤¿¤ê¤¹¤ë¼êË¡¤ò½ñ¤¤¤Æ¤ª¤¯.
¼êÆ°¤Çµ¯Æ°¤¹¤ë¤Ê¤é¤Ð¡¤
/usr/local/etc/rc.d/apache22 start
¤È¤·¡¤¼êÆ°¤Ç»ß¤á¤¿¤±¤ì¤Ð
/usr/local/etc/rc.d/apache22 stop
¤È¤¹¤ì¤Ð¤è¤¤.
¤µ¤Æ¡¤apache ¤¬Ìµ»ö¤Ëµ¯Æ°¤·¤Æ¤¤¤ë¤³¤È¤¬¤³¤³¤Þ¤Ç³Îǧ¤Ç¤¤¿¤é¼êÆ°¤Ç¤¤¤Ã¤¿¤ó apache ¤òÄä¤á¤è¤¦.
¤½¤·¤ÆºÆ¤Ó webbrowser ¤Ç http://localhost/ ¤Ë¥¢¥¯¥»¥¹¤·¤Æ¡¤¤¤Á¤ó¤È apache ¤¬Ää¤Þ¤Ã¤Æ¤¤¤ë¤³¤È¤ò³Îǧ¤·¤è¤¦.
Apache ¤ÎÀßÄê †
ºÇÄã¸Â¤ÎÀßÄê †
apache ¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ï /usr/local/etc/apache22 °Ê²¼¤ËÃÖ¤¤¤Æ¤¢¤ë.
¤µ¤Æ¡¤ºÇÄã¸Â¤ÎÀßÄê¤ò¹Ô¤ª¤¦.
¤Þ¤º¡¤web ¥µ¡¼¥Ð¤È¤·¤Æ¤Î´ðËÜÀßÄê¥Õ¥¡¥¤¥ë¤Ï httpd.conf ¤Ç¤¢¤ë¤Î¤Ç¤³¤ì¤òÊÔ½¸¤¹¤ë.
¤³¤¦¤·¤¿¡Ö½ÅÍפʡץե¡¥¤¥ë¤òÊÔ½¸¤¹¤ë¤È¤¤Ï¸µ¤Î¥Õ¥¡¥¤¥ë¤Î¥Ð¥Ã¥¯¥¢¥Ã¥×¤ò¤È¤Ã¤Æ¤ª¤³¤¦. ÊýË¡¤Ï¸¶»ÏŪ¤Ç¤â¹½¤ï¤Ê¤¤. Î㤨¤Ð¡¤¶ñÂÎŪ¤Ë¤Ï¡¤
cp httpd.conf httpd.conf.ORG
¤Ê¤É¤È¤¹¤ì¤Ð¤è¤¤.
ºÇÄã¸ÂÀßÄê¤òÊѹ¹¤·¤¿¤¤¤Î¤Ï°Ê²¼¤ÎÅÀ¤Ç¤¢¤ë.
- ServerAdmin
- web ´ÉÍý¼Ô¤Î¥á¡¼¥ë¥¢¥É¥ì¥¹¤ò½ñ¤¯. ¥µ¥ó¥×¥ë¤¬½ñ¤¤¤Æ¤¢¤ë¤Î¤Ç¤¹¤°¤ï¤«¤ë¤À¤í¤¦.
- DocumentRoot
- web ¥¢¥¯¥»¥¹¤Î¥ë¡¼¥È¤È¤·¤Æ°·¤ï¤ì¤ë¥Ç¥£¥ì¥¯¥È¥ê.
¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï /usr/local/www/apache22/data ¤È¤Ê¤Ã¤Æ¤¤¤ë¤¬¡¤apache ¤Î¥Ð¡¼¥¸¥ç¥óÈֹ椬Æþ¤Ã¤Æ¤¤¤¿¤ê¤·¤Æ¤Ê¤ó¤È¤âÉÔÊؤÀ¤·¡¤(¤Þ¤¢µ¤µÙ¤á¤Ç¤Ï¤¢¤ë¤¬)¥»¥¥å¥ê¥Æ¥£¤ÎÌ̤«¤é¤â¥Ç¥Õ¥©¥ë¥È¤Î¤Þ¤Þ¤Ë¤·¤Æ¤ª¤«¤Ê¤¤¤è¤¦¤Ë¤·¤è¤¦.
¤½¤³¤Ç¡¤¿·¤¿¤Ë¥Ç¥£¥ì¥¯¥È¥ê(Î㤨¤Ð /usr/local/web_dir/top ¤Ê¤É)¤òºîÀ®¤¹¤ë¤Ê¤É¤·¤Æ*4ÍÑ°Õ¤·¤Æ¤«¤é, ¤³¤ÎÀßÄê¤ò½ñ¤´¹¤¨¤Æ¤ª¤³¤¦.
¤³¤ì¤Ï¶ñÂÎŪ¤Ë¤Ï
¤È¤¤¤¦¹Ô¤ò¤³¤ÎÎã¤À¤ÈDocumentRoot "/usr/local/www/apache22/data"
¤È½¤Àµ¤¹¤ë¤³¤È¤Ë¤Ê¤ë.DocumentRoot "/usr/local/web_dir/top"
¤Þ¤¿¡¤DocumentRoot ¤ÎÃæ¿È¤Ë´Ø¤¹¤ëÀßÄêÉôʬ¤¬ <Directory "/usr/local/www/apache22/data">¤Ê¤É¤Ë½ñ¤¤¤Æ¤¢¤ë¤Î¤Ç¡¤¤³¤³¤â¼«Ê¬¤ÎÀßÄê¤Ë¤¢¤ï¤»¤Æľ¤·¤Æ¤ª¤³¤¦. ¶ñÂÎŪ¤Ë¤Ï
¤òÎ㤨¤Ð<Directory "/usr/local/www/apache22/data">
¤Èľ¤¹¤³¤È¤Ë¤Ê¤ë.<Directory "/usr/local/web_dir/top">
- ScriptAlias
- cgi ¤ÎÃÖ¤¾ì. ¤³¤ì¤â¥Ç¥Õ¥©¥ë¥È¤Î¤Þ¤Þ¤Ç¤Ï¤Ê¤ó¤Ê¤Î¤Ç¡¤Å¬Åö¤Ë¿·µ¬¥Ç¥£¥ì¥¯¥È¥ê(Î㤨¤Ð /usr/local/web_dir/cgi ¤Ê¤É)¤òºî¤Ã¤Æ¤«¤é¡¤¤½¤ì¤ËÊѹ¹¤·¤è¤¦. ¤³¤Î¾ì¹ç¤Ï¡¤
¤È½ñ¤¤¤Æ¤¢¤ëÉôʬ¤òÎ㤨¤ÐScriptAlias /cgi-bin/ "/usr/local/www/apache22/cgi-bin/"
¤È½¤Àµ¤¹¤ë¤³¤È¤Ë¤Ê¤ë(ºÇ¸å¤Î¥¹¥é¥Ã¥·¥å¤ò˺¤ì¤Ê¤¤¤è¤¦¤Ë!!). ¤Þ¤¿¡¤¤³¤ì¤Ë¤Ä¤¤¤Æ¤âScriptAlias /cgi-bin/ "/usr/local/web_dir/cgi/"
¤ò<Directory "/usr/local/www/apache22/cgi-bin">
¤È½¤Àµ¤·¤Ê¤¤¤È¤È¤¤¤±¤Ê¤¤¤Î¤ÇÃí°Õ¤·¤è¤¦.<Directory "/usr/local/web_dir/cgi">
¤Ç¤Ï¡¤ÀßÄ꤬Êѹ¹¤Ç¤¤¿¤«¥Á¥§¥Ã¥¯¤·¤è¤¦.
¤Þ¤º¡¤¾å¤ÇÍÑ°Õ¤·¤¿ DocumentRoot ¤ËÎ㤨¤Ð¼¡¤Î¤è¤¦¤ÊŬÅö¤ÊÆâÍƤΠindex.html ¥Õ¥¡¥¤¥ë¤òÍÑ°Õ¤·¤è¤¦.
<html>
¤Ê¤ó¤Ç¤â¤è¤¤¤Î¤Ç½ñ¤¯.¤È¤ê¤¢¤¨¤º¥¢¥ë¥Õ¥¡¥Ù¥Ã¥È¤Î¤ß¤Ç½ñ¤¤¤¿Êý¤¬¤è¤¤¤À¤í¤¦
</html>
¼¡¤Ë apache ¤ò¼êÆ°¤Çµ¯Æ°¤·¡¤http://localhost ¤Ë¥¢¥¯¥»¥¹¤·¤Æ¡¤¡Ö¼«Ê¬¤ÇÍÑ°Õ¤·¤¿ index.html¡×¤ÎÃæ¿È¤¬¸«¤¨¤ë¤³¤È¤ò³Îǧ¤·¤è¤¦.
¼¡¤Ë¡¤cgi ¤Î°ÕÌ£¤òÄϤàÌÜŪ¤â·ó¤Í¤Æ cgi ¤Î¥Æ¥¹¥È¤ò¹Ô¤ª¤¦.
¤Þ¤º¡¤¼¡¤ÎÆâÍÆ*5
#!/bin/csh -f
echo "Content-type: text/plain; charset=iso-8859-1"
echo ""
echo ""
/usr/games/fortune
¤Î¥Õ¥¡¥¤¥ë¤ò web-test ¤È¤¤¤¦Ì¾¾Î¤Ç(¼«Ê¬¤ÇÀßÄꤷ¤¿) cgi ¥Ç¥£¥ì¥¯¥È¥ê¤ËÃÖ¤³¤¦.
ºÇ¸å¤Î¹Ô¤Ç²þ¹Ô¤·¤Æ¤¤¤Ê¤¤¤È fortune ¤¬¼Â¹Ô¤µ¤ì¤Ê¤¤¤Î¤Ç²¿¤â½ÐÎϤµ¤ì¤Ê¤¤. ¤¤Á¤ó¤È²þ¹Ô¤·¤è¤¦.
¼¡¤Ë¤³¤Î¥Õ¥¡¥¤¥ë¤Î¼Â¹Ô¥Ñ¡¼¥ß¥Ã¥·¥ç¥ó¤òÀßÄꤷ¤è¤¦.
cd (¼«Ê¬¤ÇÀßÄꤷ¤¿ cgi ¥Ç¥£¥ì¥¯¥È¥ê) chmod aog+x ./web-test
¤³¤¦¤·¤ÆÀßÄê¤ò¹Ô¤Ã¤Æ¤«¤é¡¤ http://localhost/cgi-bin/web-test ¤Ë¥¢¥¯¥»¥¹¤·¤Æ¤ß¤è. ¾¡¼êÃΤ俤ë fortune ¤Î·ë²Ì¤¬ web browser ¤Ë½ÐÎϤµ¤ì¤ë¤Î¤¬¸«¤¨¤ë¤À¤í¤¦.
¤¦¤Þ¤¯¤¤¤Ã¤¿¤éºÆ¤ÓÇ°¤Î°Ù¤Ë¼Â¹Ô¥Ñ¡¼¥ß¥Ã¥·¥ç¥ó¤òÍî¤È¤·¤Æ¤ª¤³¤¦.
cd (¼«Ê¬¤ÇÀßÄꤷ¤¿ cgi ¥Ç¥£¥ì¥¯¥È¥ê) chmod aog-x ./web-test
¤µ¤Æ¡¤¤³¤³¤Þ¤Ç¤¦¤Þ¤¯¤¤¤Ã¤¿¤éºÇÄã¸Â¤ÎÀßÄê¤Ï OK ¤Ê¤Î¤Ç apache ¤òºÆ¤ÓÄä»ß¤µ¤»¤è¤¦.
Apache ¤Îµ¡Ç½¤¤¤¯¤Ä¤« †
TLS (Transport Layer Security) / SSL (Secure Sockets Layer) †
¤³¤³¤Þ¤Ç¤Î Apache ¤Ø¤Î Web Àܳ¤ÏÁǤΡÖHTTPÀܳ¡×¤Ç¡¤(port 80 ¤Ç¹Ô¤ï¤ì¤Æ¤¤¤Æ) ¼Â¤Ï¥Ç¡¼¥¿¤¬¡Ö¤½¤Î¤Þ¤Þ¡×¥Í¥Ã¥È¥ï¡¼¥¯¤òή¤ì¤Æ¤¤¤ë.
¤Ä¤Þ¤ê¡¤¥Í¥Ã¥È¥ï¡¼¥¯ÅÓÃæ¤Ëµï¤ë¥Þ¥·¥ó¤Ê¤É¤«¤é¸«¤ì¤Ðή¤ì¤Æ¤¤¤ë¥Ç¡¼¥¿¤Ï´Ý¸«¤¨¤Ç¤¢¤ê¡¤ÈëÌ©¤Ë¤·¤¿¤¤½ÅÍפʥǡ¼¥¿¤Ê¤É¤òή¤»¤Ê¤¤¡¤´í¸±¤Ê¾õÂ֤Ǥ¢¤ë¡¥
¤·¤«¤·¡¤¥Í¥Ã¥È¥ï¡¼¥¯¾å¤ÎÄÌ¿®¤ò°Å¹æ²½¤¹¤ëÊýË¡¤¬´û¤Ë¤¤¤¯¤Ä¤«Â¸ºß¤¹¤ë.
¤½¤Î°ì¤Ä¤Ç¤¢¤ë TLS (Transport Layer Security) (µì¾Î SSL(Secure Sockets Layer))¤ò»È¤Ã¤Æ¡¤web ÍѤÎÄÌ¿®¥×¥í¥È¥³¥ë HTTP ¤ò¤½¤Î¾å¤ÇÍøÍѤ¹¤ë°Å¹æ²½ HTTP, ¨¤Á HTTPS(HTTP over SSL) ¤ò»È¤¨¤ë¤è¤¦¤Ë¤·¤Æ¤ß¤è¤¦.
TLS/SSL ¤ÏÈÆÍÑŪ¤Ê»ÅÁȤߤǤ¢¤ê¡¤HTTP °Ê³°¤ÎÄÌ¿®¤âºÜ¤»¤ë¤³¤È¤¬¤Ç¤¤ë.
¤Þ¤º¡¤¥»¥¥å¥ê¥Æ¥£¤Î¤¿¤á¤Ë TLS ¤ÎÄ󶡤¹¤ëµ¡Ç½¤ò´Êñ¤Ë½Ò¤Ù¤Æ¤ª¤¯¤È¡¤
- °Å¹æ²½
- ÄÌ¿®ÆâÍƤò°Å¹æ²½¤¹¤ë. »È¤¨¤ë°Å¹æ¤Ï 5¡Á7¼ïÎàÄøÅÙ¤¢¤ë.
- ²þãâ¤Î¸¡½Ð
- ¤ä¤ê¤È¤ê¤¹¤ë¾ðÊó¤¬ÅÓÃæ¤Ç狼¤Ë²þã⤵¤ì¤Æ¤¤¤Ê¤¤¤«¸¡½Ð¤¬¤Ç¤¤ë.
- ǧ¾Ú
- ÀܳÁê¼ê¤¬¡ÖËÜÅö¤Ë̾¾è¤Ã¤Æ¤¤¤ë¤È¤ª¤ê¤ÎÁê¼ê¤«¡×¤ò¾ÚÌÀ¤¹¤ë. Ä̾ï¤Ï¥µ¡¼¥Ð¦¤À¤±¤¬¾ÚÌÀ½ñ¤ò¸«¤»¤ë¤¬¡¤(ɬÍפʤé¤Ð¥ª¥×¥·¥ç¥ó¤Ç)¥¯¥é¥¤¥¢¥ó¥È¦¤¬¾ÚÌÀ½ñ¤ò¸«¤»¤ë¤è¤¦¤Ë¤âÀßÄê¤Ç¤¤ë.
¤Î»°ËÜÃì¤Ç¤¢¤ë.
°Å¹æ²½¤È²þãâ¤Î¸¡½Ð¤Ë¤Ä¤¤¤Æ¤Ï¥µ¡¼¥Ð¤È¥¯¥é¥¤¥¢¥ó¥È¤Î´Ø·¸¤À¤±¤ÇÀ®Î©¤µ¤»¤é¤ì¤ë¤¬¡¤
ǧ¾Ú¤Ë¤Ä¤¤¤Æ¤Ï¡ÖÂè»°¼Ô(ǧ¾Ú¶É)¤Ë¤è¤ë¤½¤Î¾ÚÌÀ½ñ¤ÎÊݾڡפ¬ËÜÍèɬÍפǤ¢¤ë.
TLS/SSL ¤Ë¤Ä¤¤¤Æ¡¤¤µ¤é¤Ë¾Ü¤·¤¯Ä´¤Ù¤Æ¤ª¤³¤¦.
¤µ¤Æ¡¤HTTPS ¤ò»È¤¦½àÈ÷¤ò»Ï¤á¤è¤¦.
¤½¤ì¤Ë¤Ï¤Þ¤º¡¤TLS/SSL ¤½¤Î¤â¤Î¤Î½àÈ÷¤ò¤·¤Ê¤¤¤È¤¤¤±¤Ê¤¤.
TLS/SSL ¤ò»È¤¦¤Ë¤Ï¾å¤Î3¤Ä¤Îµ¡Ç½¤Î¤¦¤Á¤Îǧ¾Ú¤Î¤¿¤á¤Ë¡¤¾ÚÌÀ½ñ¤òÍÑ°Õ¤·¤Ê¤¤¤È¤¤¤±¤Ê¤¤.
¤·¤«¤·¡¤¾ÚÌÀ½ñ¤òÊݾڤ¹¤ëÅŻҽð̾¤ò¹Ô¤¦Ç§¾Ú¶É¤Ëºî¶È¤ò°ÍÍꤹ¤ë¤Ë¤ÏÄ̾ï¤ÏÈñÍѤ¬¤«¤«¤ë¤·¡¤¼ê³¤¤â¤½¤ì¤Ê¤ê¤ËÈË»¨¤À.
¤½¤³¤Ç¡¤Ëܼø¶È¤Ç¤Ï¼«Ê¬¤Ç¼«Ê¬¤òÊݾڤ·¤Æ¾ÚÌÀ½ñ¤òºî¤Ã¤Æ¤·¤Þ¤ª¤¦.
¤³¤ì¤Ï¯¤Ë¸À¤¦"¥ª¥ì¥ª¥ì¾ÚÌÀ½ñ" ¤Ç¤¢¤Ã¤Æ¡¤Ç§¾Ú¤Ë¤ÏÌäÂ꤬¤¢¤ë. ¤Þ¤¢¡¤¾ÚÌÀ½ñ¤Î finger print ¤ò¼êÅϤ·¤Ê¤É¤Î¡Ö°ÂÁ´¤Ê·ÐÏ©¤Ç¡×Æþ¼ê¤·¤Æ³Îǧ¤¹¤ë¤Ê¤É¤Ç¤â°ì»þ¤·¤Î¤®¤Ï¤Ç¤¤ë¤È»×¤¦¤±¤É¡Ä ¤Þ¤¿¡¤ºîÀ®¤·¤¿ÈëÌ©¸° apache.key ¼«ÂΤϰŹ沽¤·¤Æ¤¤¤Ê¤¤¤Î¤Ç¼è¤ê°·¤¤¤ÏÍ×Ãí°Õ¤À.
¶ñÂÎŪ¤Ë¤Ï°Ê²¼¤Î¤è¤¦¤Ëºî¶È¤¹¤ë¤³¤È¤Ç¾ÚÌÀ½ñ(apache.crt)¤¬ºîÀ®¤Ç¤¤ë.
cd /usr/local/etc/apache22 openssl genrsa -out apache.key 1024 openssl req -new -x509 -days 365 -key apache.key -out apache.crt
ºÇ¸å¤Î¾ÚÌÀ½ñºîÀ®»þ¤Ë¤¤¤¯¤Ä¤«¼ÁÌ䤵¤ì¤ë¤Î¤Ç¡¤Î㤨¤Ð°Ê²¼¤ÎÀÄ»ú¤Î¤è¤¦¤ËŬÀÚ¤ËÅú¤¨¤è¤¦.
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Osaka
Locality Name (eg, city) []:Toyonaka
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Osaka Univ.
Organizational Unit Name (eg, section) []:Faculty of Science ¤Ê¤É
Common Name (eg, YOUR name) []:¼«Ê¬¤Î̾Á°¤ò¥¢¥ë¥Õ¥¡¥Ù¥Ã¥È¤Ç
Email Address []:¼«Ê¬¤Î¥á¡¼¥ë¥¢¥É¥ì¥¹
¤¹¤ë¤È¡¤apache.crt ¤È¤¤¤¦¾ÚÌÀ½ñ(͸ú´ü¸Â 365Æü¤Î¤â¤Î)¤¬¤Ç¤¤Æ¤¤¤ë¤Ï¤º¤À.
openssl ¤Ë¤Ä¤¤¤Æ¤Ï man openssl ¤Ç¡¤openssl req ¤Î¥ª¥×¥·¥ç¥ó¤Ë¤Ä¤¤¤Æ¤Ï man req ¤Ç¥Þ¥Ë¥å¥¢¥ë¤òÆɤळ¤È¤¬¤Ç¤¤ë.
¤³¤³¤Ç¡¤ºîÀ®¤·¤¿¾ÚÌÀ½ñ¤ÎÆâÍƤò°ìÅÙ³Îǧ¤·¤Æ¤ª¤³¤¦.
openssl x509 -in apache.crt -text
¤È¤¹¤ë¤ÈÆâÍƤ¬½ÐÎϤµ¤ì¤ë¤Î¤Ç¡¤¤ß¤Æ¤ª¤³¤¦.
¼¡¤Ë¡¤HTTPS ÀßÄê¥Õ¥¡¥¤¥ë¤òľ¤½¤¦.
/usr/local/etc/apache22/extra/httpd-ssl.conf ¤¬ÀßÄê¥Õ¥¡¥¤¥ë¤Ê¤Î¤Ç¡¤¤½¤Î <VirtualHost _default_:443> ¤ÎÉôʬ¤ò½¤Àµ¤·¤è¤¦.
¶ñÂÎŪ¤Ë¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤·¤è¤¦.
¤â¤Á¤í¤ó¤³¤Î¥Õ¥¡¥¤¥ë¤âºî¶ÈÁ°¤Ë¥Ð¥Ã¥¯¥¢¥Ã¥×¤ò¼è¤Ã¤Æ¤ª¤³¤¦.
- DocumentRoot
- ÆäËÍýͳ¤¬¤Ê¤±¤ì¤Ð¾å¤Î DocumentRoot ¤ÈƱ¤¸¤Ë¤·¤Æ¤ª¤¯¤È¤è¤¤.
- ServerName
- ¥¢¥¯¥»¥¹¡Ö¤µ¤ì¤ëºÝ¤Î¡×̾Á°¤Ë¤Ê¤ë. º£²ó¤Ï¥Æ¥¹¥È¤Ê¤Î¤Ç¥Þ¥·¥ó̾¤Ç¤è¤¤¤À¤í¤¦. Î㤨¤Ð q3000.sci.osaka-u.ac.jp ¤È¤¤¤¦¥Þ¥·¥ó¤Ê¤é¤Ð¡¤
¤È½ñ¤¯¤³¤È¤Ë¤Ê¤ë. ¤Á¤Ê¤ß¤Ë¡¤¤³¤ì¤òÀßÄꤹ¤ë¤Ê¤é httpd.conf ¤Î ServeName ¤È¤¤¤¦¹àÌܤâƱÍͤËServerName q3000.sci.osaka-u.ac.jp:443
¤ÈÀßÄꤷ¤Æ¤ª¤¤¤¿Êý¤¬Ì·½â¤¬¤Ê¤¯¤Æ¤è¤¤¤À¤í¤¦.ServerName q3000.sci.osaka-u.ac.jp:80
- ServerAdmin
- ¼«Ê¬¤Î¥á¡¼¥ë¥¢¥É¥ì¥¹¤ËÊѹ¹¤·¤Æ¤ª¤³¤¦.
- SSLCertificateFile
- ¾å¤Çºî¤Ã¤¿¥Õ¥¡¥¤¥ë "/usr/local/etc/apache22/apache.crt" ¤Ëľ¤·¤Æ¤ª¤¯.
- SSLCertificateKeyFile
- ¤³¤ì¤â¤ä¤Ï¤êºî¤Ã¤¿¥Õ¥¡¥¤¥ë "/usr/local/etc/apache22/apache.key" ¤Ëľ¤·¤Æ¤ª¤¯.
¼¡¤Ë¡¤/usr/local/etc/apache22/httpd.conf ¤Î
# Include etc/apache22/extra/httpd-ssl.conf
¤È½ñ¤¤¤Æ¤¢¤ë¹Ô¤Î¹ÔƬ¤Î # ¤ò¾Ã¤·¤Æ¤³¤Î¹Ô¤ò͸ú¤Ë¤·¤è¤¦.
¤³¤ì¤ÇÀßÄê¤Ï½ªÎ»¤À. apache ¤ò¤¤¤Ã¤¿¤óÄä¤á¤Æ¤«¤éµ¯Æ°¤·¡¤ https://localhost ¤Ë¥¢¥¯¥»¥¹¤·¤Æ¡¤³Î¤«¤Ë https ¤ÇÀܳ¤Ç¤¤ë¤³¤È¤ò³Î¤«¤á¤è¤¦.
¤¿¤À¤·¡¤¥ª¥ì¥ª¥ì¾ÚÌÀ½ñ¤Ê¤Î¤ÇÅÓÃæ¤Ç¡Ö¤À¤¤¤¸¤ç¤Ö?¡×¤È¿Ò¤Í¤é¤ì¤ë¤Î¤Ç¡¤º£²ó¤À¤±Âç¾æÉפÀ¤È¤·¤ÆÀè¤Ø¿Ê¤á¤ÆÀܳ¤·¤è¤¦.
¤Ê¤ª¡¤firefox ¤Ê¤É¤À¤È¡¤https ¤ÇÀܳ¤·¤Æ¤¤¤ë¤È¤¤Ï¥¢¥×¥ê¤Î²¼Â¦¤Ë¸°¤Î¥Þ¡¼¥¯¤¬É½¼¨¤µ¤ì¤¿¤ê¤¹¤ë¤Î¤Ç³Îǧ¤·¤ä¤¹¤¤.
"¥ª¥ì¥ª¥ì¾ÚÌÀ" ¤ÏËÜÍè¤Ï¤è¤í¤·¤¯¤Ê¤¤¤â¤Î¤Ç¡¤¥ê¥¹¥¯¤¬¤¢¤ë.
"¥ª¥ì¥ª¥ì¾ÚÌÀ" ¤Î´í¸±À¤Ë¤Ä¤¤¤ÆÄ´¤Ù¤Æ¤ª¤³¤¦.
¸Ä¿ÍŪ¤Ë¤Ï¹âÌÚ¹À¸÷»á¤Î "¹âÌÚ¹À¸÷¡÷¼«Âð¤ÎÆüµ" ¤Î 2007·î11·î25Æü¤Îµ½Ò( http://takagi-hiromitsu.jp/diary/20071125.html )¤¬¤è¤¯¤ï¤«¤Ã¤Æ¤è¤¤¤È»×¤¦.
Apache ¤ÎÊØÍø¤Êµ¡Ç½: Basic ǧ¾Ú / Digest ǧ¾Ú †
Apache ¤Ë¤Ï¼Â¤ÏÈó¾ï¤Ë¿¤¯¤Îµ¡Ç½¤¬¤¢¤ë.
¤½¤Î°ì¤Ä¤Ç¤¢¤ëǧ¾Ú(Basic ǧ¾Ú¤È Digest ǧ¾Ú¤¬¤¢¤ë)¤Ë¤Ä¤¤¤ÆÃÎ¤í¤¦.
¤³¤ì¤Ï¥¢¥¯¥»¥¹¤¹¤ëºÝ¤Ë¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¤ÎÆþÎϤ¬Í׵ᤵ¤ì¤ë¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ëµ¡Ç½¤Î°ì¼ï¤Ç¤¢¤ë.
¥Ç¥£¥ì¥¯¥È¥ê¤ä¥Õ¥¡¥¤¥ëñ°Ì¤ÇÀßÄ꤬²Äǽ¤Ç¡¤´Êñ¤Ê¤ï¤ê¤ËÊØÍø¤Ê¤Î¤Ç¡¤»È¤¨¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤ª¤¯¤È¤è¤¤.
Basic ǧ¾Ú¤Ï¥»¥¥å¥ê¥Æ¥£Åª¤Ë¤Ï¤¢¤Þ¤ê·ø¸Ç¤Ç¤Ï¤Ê¤¤¤¬¡¤Digest ǧ¾Ú¤Ï¾¯¤·¸Å¤á¤Î¥Ö¥é¥¦¥¶¤«¤é¤Ï»È¤¨¤Ê¤¤.
Basic ǧ¾Ú †
¤Þ¤º¤Ï¤È¤ê¤¢¤¨¤º Basic ǧ¾Ú¤ò»È¤Ã¤Æ¤ß¤è¤¦.
Basic ǧ¾Ú¤Ë¤É¤Î¤è¤¦¤Ê¥»¥¥å¥ê¥Æ¥£¾å¤ÎÌäÂ꤬¤¢¤ë¤«¡¤Apache 2.2¥Þ¥Ë¥å¥¢¥ë¤Î¡Öǧ¾Ú¡¤¾µÇ§¡¤¥¢¥¯¥»¥¹À©¸æ¡×( http://httpd.apache.org/docs/2.2/ja/howto/auth.html )¤òÆɤó¤ÇÄ´¤Ù¤Æ¤ª¤³¤¦.
¤µ¤Æ¡¤¼ÂºÝ¤Ë¤ä¤Ã¤Æ¤ß¤è¤¦¡¥
¤Þ¤º¡¤ÂоݤȤʤë¥Ç¥£¥ì¥¯¥È¥ê¤òÍÑ°Õ¤¹¤ë.
º£²ó¤Ï(¼«Ê¬¤ÇÀßÄꤷ¤¿DocumentRoot)¤Î²¼¤Ë test ¤È¤¤¤¦¥Ç¥£¥ì¥¯¥È¥ê¤òºî¤ê¡¤¤½¤³¤Ç basic ǧ¾Ú¤ò»î¤·¤Æ¤ß¤è¤¦.
¤È¤¤¤¦¤ï¤±¤Ç¡¤¤Þ¤º¤Ï¥Ç¥£¥ì¥¯¥È¥ê¤òºîÀ®¤·¤è¤¦.
¼¡¤Ë¥¢¥«¥¦¥ó¥È¤È¥Ñ¥¹¥ï¡¼¥É¤ò´Þ¤à¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤òºî¤í¤¦.
¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤Ï¡Ö DocumentRoot °Ê²¼¤Ë¤Ïºî¤é¤Ê¤¤¡×¤è¤¦¤Ë¤·¤Ê¤¤¤È³°¤«¤éÆɤá¤Æ¤·¤Þ¤¦¤«¤â¤·¤ì¤Ê¤¤¤¿¤á¡¤¤½¤ì¤ÏÈò¤±¤è¤¦.
º£²ó¤ÏÎ㤨¤Ð /usr/local/etc/apache22/Includes ¤Ëºî¤ë¤È¤¹¤ë¤È¡¤
cd /usr/local/etc/apache22/Includes htpasswd -c ./passwdfile test-user ¥æ¡¼¥¶ "test-user" ¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¿·µ¬¤Ë¹Í¤¨¤ÆÆþÎÏ
¤È¤¤¤¦´¶¤¸¤ÇÁàºî¤¹¤ì¤Ð¤è¤¤.
´û¤Ë¤½¤Î¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤¹¤ë¤Î¤Ë "-c" ¥ª¥×¥·¥ç¥ó¤ò¤Ä¤±¤Æ htpasswd ¤ò¼Â¹Ô¤¹¤ë¤È¤½¤Î¥Õ¥¡¥¤¥ë¤ÎÃæ¿È¤Ï¾Ã¤¨¤Æ¤·¤Þ¤¦¤Î¤Ç¡¤"-c" ¤ò¤Ä¤±¤ë¤È¤¤Ï¤¯¤ì¤°¤ì¤â¿µ½Å¤Ë.
Ç°¤Î°Ù¤Ë¤³¤Î¥Õ¥¡¥¤¥ë¤òÆɤó¤Ç¤ß¤Æ¡¤³Î¤«¤Ë¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É(°Å¹æ²½¤µ¤ì¤Æ¤¤¤ë)¤¬³ÊǼ¤µ¤ì¤Æ¤¤¤ë¤³¤È¤ò³Îǧ¤·¤Æ¤ª¤³¤¦.
¼¡¤Ë Basic ǧ¾Ú¤ò͸ú¤Ë¤¹¤ë¤Î¤À¤¬¡¤¶ñÂÎŪ¤ÊÊýË¡¤Ï°Ê²¼¤ÎÆó¼ïÎब¤¢¤Ã¤Æ¡¤
- ¥·¥¹¥Æ¥à¦¤ÇÀßÄꤹ¤ëÊýË¡(httpd.conf ¤Ç¤ÎÀßÄê)
- ³Æ¥Ç¥£¥ì¥¯¥È¥ê¤Ç .htaccess ¥Õ¥¡¥¤¥ë¤ÇÀßÄꤹ¤ëÊýË¡
¤½¤ì¤¾¤ìÍøÅÀ·çÅÀ¤¬¤¢¤ë.
¥æ¡¼¥¶¤¬¼«Ê¬¤ÇÀßÄê¤Ç¤¤ë¸å¼Ô¤ÎÊý¤¬»È¤¤Êý¤ÎÉý¤¬¹¤¬¤ë(¤½¤Îʬ¥ê¥¹¥¯¤âÁý¤¹¤Î¤Ç¡¤±¿ÍѤκݤϤâ¤Ã¤ÈÄ´¤Ù¤Æ¤«¤é)¤Î¤Çº£²ó¤Ï¸å¼Ô¤Ç¤ä¤Ã¤Æ¤ß¤è¤¦.
¤Ç¤Ï¡¤Basic ǧ¾Ú¤ò¼ÂºÝ¤Ë͸ú¤Ë¤·¤è¤¦.
¤Þ¤º¤½¤Î¤¿¤á¤Î½àÈ÷¤È¤·¤Æ¡¤¤Þ¤º httpd.conf ¤Î <Directory "(¼«Ê¬¤ÇÀßÄꤷ¤¿DocumentRoot)"> °Ê²¼¤Ë¤¢¤ë
AllowOverride None
¤È¤¤¤¦¹Ô¤ò½¤Àµ¤·¡¤
AllowOverride AuthConfig
¤Ë¤·¤Æ¤ª¤³¤¦.
"AllowOverride ..." ¤È¤¤¤¦¹Ô¤ÏÊ£¿ô¤¢¤ë¤Î¤Ç¡¤½¤Àµ¤¹¤ë²Õ½ê¤ò´Ö°ã¤¨¤Ê¤¤¤è¤¦¤Ë.
¼¡¤Ë¡¤¾å¤ÇÍÑ°Õ¤·¤¿ test ¤È¤¤¤¦¥Ç¥£¥ì¥¯¥È¥ê°Ê²¼¤Ë¼¡¤ÎÆâÍÆ¤Ç .htaccess ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºî¤í¤¦.
AuthType Basic
AuthName "basic auth test!"
AuthUserFile /usr/local/etc/apache22/Includes/passwdfile
require user test-user
¤½¤ì¤«¤é¡¤¤³¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ë¼¡¤Î¤è¤¦¤ÊÆâÍÆ¤Ç index.html ¤òÍÑ°Õ¤·¤Æ¤ª¤³¤¦.
<html>
The basic auth function test was successful.
</html>
¤³¤ì¤Ç apache ¤òÄä¤á¤Æ¤«¤éºÆ¤Ó apache ¤òµ¯Æ°¤¹¤ì¤Ð Basic ǧ¾Ú¤Ï͸ú¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Ï¤º¤À.
ǧ¾Úµ¡Ç½¤¬¤¦¤Þ¤¯Æ¯¤¯¤«³Îǧ¤·¤Æ¤ß¤è¤¦.
http://localhost/test ¢« (¾å¤ÇÍÑ°Õ¤·¤¿¥Ç¥£¥ì¥¯¥È¥ê) ¤Ë¥¢¥¯¥»¥¹¤·¤Æ¤ß¤Æ¡¤¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¤¬Ê¹¤«¤ì¤ë¤Ï¤º¤Ê¤Î¤Ç¡¤test-user ¤È¤¤¤¦¥æ¡¼¥¶Ì¾¤òÆþ¤ì¡¤¼«Ê¬¤Ç¾å¤ÇÀßÄꤷ¤¿¥Ñ¥¹¥ï¡¼¥É¤òÆþ¤ì¤Æ¤ß¤è¤¦.
̵»ö¥¢¥¯¥»¥¹¤Ç¤¤Æ¡¤¾å¤Î "The basic auth ... "¤È¤¤¤¦É½¼¨¤¬¤ß¤é¤ì¤ì¤Ð OK ¤À.
¶á¤¯¤ÎÀʤ˺¤äƤ¤¤ë¿Í¤âǧ¾Úµ¡Ç½¤¬»È¤¨¤ë¤è¤¦¤Ë¾ðÊó¤òÄɲ䷤ơ¤»î¤·¤Æ¤â¤é¤ª¤¦.
¶ñÂÎŪ¤Ë¤Ï¡¤
cd /usr/local/etc/apache22/Includes htpasswd ./passwdfile ¤½¤Î¿ÍÍѤΥ桼¥¶Ì¾ ¤½¤Î¥æ¡¼¥¶¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¿·µ¬¤Ë¹Í¤¨¤ÆÆþÎÏ
¤È¤·¤Æ¤«¤é¡¤Àè¤Î¥Ç¥£¥ì¥¯¥È¥êÃæ¤Ë¤¢¤ë .htaccess ¤Î require ¹Ô¤ò½¤Àµ¤·¤ÆÄɲä·¤¿¥æ¡¼¥¶¤â°Ê²¼¤Î¤è¤¦¤Ë²Ã¤¨¤Æ¡¤
require user test-user Äɲå桼¥¶Ì¾ ¢« ¥¹¥Ú¡¼¥¹¤Ç¶èÀÚ¤ë
¤È¤¹¤ë¤«¡¤
Require valid-user
¤Èľ¤½¤¦.
¤½¤·¤Æ¡¤¤½¤Î¿Í¤Ë Web ¥Ö¥é¥¦¥¶¤Ç¼«Ê¬¤Î¥Û¥¹¥È¤ËÂФ·¤Æ http://q**.cl.math.sci.osaka-u.ac.jp/test ¢« (¼«Ê¬¤Î¥Û¥¹¥È̾/¾å¤ÇÍÑ°Õ¤·¤¿¥Ç¥£¥ì¥¯¥È¥ê) ¤È¤·¤Æ¥¢¥¯¥»¥¹¤·¤ÆÌ㤤¡¤¾å¤ÈƱÍͤ˥桼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¤òÆþ¤ì¤Æ¥¢¥¯¥»¥¹¤Ç¤¤ë¤«¤ò¤ß¤ë¤Î¤Ç¤¢¤ë.
¸å¼Ô¤Î "Require valid-user" ¤Ï¡¤¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤Ë½ñ¤«¤ì¤Æ¤¤¤ë¥æ¡¼¥¶Á´¤Æ¤¬Âоݤˤʤ롤¤È¤¤¤¦ÀßÄê¤Ç¤¢¤ë.
¥¢¥¯¥»¥¹¤¹¤ë¥æ¡¼¥¶¤òÁý¤ä¤¹¤Ë¤Ï¡¤Â¾¤Ë¤â Group ¥Õ¥¡¥¤¥ë¤òÍѤ¤¤ëÊýË¡¤ä¥Ç¡¼¥¿¥Ù¡¼¥¹¤ò»È¤¦ÊýË¡¤Ê¤É¤¬¤¢¤ë. ¶ñÂÎŪ¤ÊÊýË¡¤Ï¾å¤Ë¤â¼¨¤·¤¿ Apache 2.2¥Þ¥Ë¥å¥¢¥ë¤Î¡Öǧ¾Ú¡¤¾µÇ§¡¤¥¢¥¯¥»¥¹À©¸æ¡×( http://httpd.apache.org/docs/2.2/ja/howto/auth.html )¤Ê¤É¤ËÃúÇ«¤Ë½ñ¤¤¤Æ¤¢¤ë¤Î¤Ç»²¾È¤»¤è.
htpasswd ¤Ç¥æ¡¼¥¶¤ò¡ÖÄɲáפ¹¤ë¤È¤¤Ï "-c" ¥ª¥×¥·¥ç¥ó¤¬¤Ê¤¤¤³¤È¤ËÃí°Õ¤»¤è.
Digest ǧ¾Ú †
¼¡¤Ë Digest ǧ¾Ú¤ò¤·¤Æ¤ß¤è¤¦. ¥»¥¥å¥ê¥Æ¥£¾å¤Ï Basic ǧ¾Ú¤è¤ê¹¥¤Þ¤·¤¤¤Î¤Ç¡¤¤³¤ì¤¬ÌäÂê¤Ê¤¯»È¤¨¤ë¾ì¹ç¤Ï¤³¤Á¤é¤ò»È¤¦¤è¤¦¤Ë¤·¤è¤¦.
¥Ç¥£¥ì¥¯¥È¥ê¤ÏÀè¤Î¤â¤Î¤ò¤½¤Î¤Þ¤Þ»È¤¦¤È¤·¤è¤¦.
¤½¤·¤Æ¡¤Digest ǧ¾ÚÍѤ˿·¤·¤¯¥¢¥«¥¦¥ó¥È¤È¥Ñ¥¹¥ï¡¼¥É¤ò´Þ¤à¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤òºî¤í¤¦.
¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤ÎÃÖ¾ì½ê¤ËÂФ¹¤ëÃí°Õ¤â Basicǧ¾Ú¤ÈƱ¤¸¤Ç¤¢¤ë.
¤½¤·¤Æ¡¤ÃÖ¤¯¾ì½ê¤âÀè¤ÈƱ¤¸¤Ç¤è¤¤¤À¤í¤¦.
¤µ¤Æ¡¤¶ñÂÎŪ¤Ë¤Ïºî¶È¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ë.
cd /usr/local/etc/apache22/Includes htdigest -c ./passwdfile-digest "Digest auth test" digest-test-user ¥æ¡¼¥¶ "digest-test-user" ¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¿·µ¬¤Ë¹Í¤¨¤ÆÆþÎÏ
´û¤Ë¤½¤Î¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤¹¤ë¤Î¤Ë "-c" ¥ª¥×¥·¥ç¥ó¤ò¤Ä¤±¤Æ htdigest ¤ò¼Â¹Ô¤¹¤ë¤È¤½¤Î¥Õ¥¡¥¤¥ë¤ÎÃæ¿È¤Ï¾Ã¤¨¤Æ¤·¤Þ¤¦¤Î¤Ç¡¤"-c" ¤ò¤Ä¤±¤ë¤È¤¤Ï¤¯¤ì¤°¤ì¤â¿µ½Å¤Ë.
htdigest ¥³¥Þ¥ó¥É¤ÏÆó¤ÄÌܤΰú¿ô¤È¤·¤Æ realm (ǧ¾Ú¤ÎÂоÝÈϰϤȤǤ⤤¤¦¤«)¤¬É¬ÍפȤʤë. º£²ó¤Ï "Digest auth test" ¤¬¤³¤ì¤Ë¤¢¤¿¤ë. ¤½¤·¤Æ¡¤¤³¤Î realm ¤Ï .htaccess ¤ÎÃæ¤Î AuthName ¤È¤·¤Æ»È¤ï¤ì¤ë¤Î¤Ç³Ð¤¨¤Æ¤ª¤³¤¦.
¼¡¤Ë¡¤Àè¤Î test¥Ç¥£¥ì¥¯¥È¥ê¤Î .htaccess ¥Õ¥¡¥¤¥ë¤ò Digest ǧ¾ÚÍѤ˽¤Àµ¤·¤è¤¦.
¶ñÂÎŪ¤Ë¤Ï¼¡¤Î¤è¤¦¤Ë¤Ê¤ë¤À¤í¤¦.
AuthType Digest
AuthName "Digest auth test" ¢« ¾å¤Î htdigest ¥³¥Þ¥ó¥É¤ÇÆþÎϤ·¤¿¤â¤Î¤È´°Á´¤Ë°ìÃפµ¤»¤ë¤³¤È!
AuthUserFile /usr/local/etc/apache22/Includes/passwdfile-digest
require user digest-test-user
¤Ä¤¤¤Ç¤ËÀè¤Î index.html ¤â¤Á¤ç¤³¤Ã¤Èľ¤·¤Æ¤ª¤³¤¦.
<html>
The digest auth function test was successful.
</html>
¤³¤ì¤ÇÀßÄê¤Ï OK ¤À.
ǧ¾Úµ¡Ç½¤¬¤¦¤Þ¤¯Æ¯¤¯¤«³Îǧ¤·¤Æ¤ß¤è¤¦.
http://localhost/test ¢« (¾å¤ÇÍÑ°Õ¤·¤¿¥Ç¥£¥ì¥¯¥È¥ê) ¤Ë¥¢¥¯¥»¥¹¤·¤Æ¤ß¤Æ¡¤¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¤¬Ê¹¤«¤ì¤ë¤Ï¤º¤Ê¤Î¤Ç¡¤test-user ¤È¤¤¤¦¥æ¡¼¥¶Ì¾¤òÆþ¤ì¡¤¼«Ê¬¤Ç¾å¤ÇÀßÄꤷ¤¿¥Ñ¥¹¥ï¡¼¥É¤òÆþ¤ì¤Æ¤ß¤è¤¦.
̵»ö¥¢¥¯¥»¥¹¤Ç¤¤Æ¡¤¾å¤Î "The digest auth ... "¤È¤¤¤¦É½¼¨¤¬¤ß¤é¤ì¤ì¤Ð OK ¤À.
¶á¤¯¤ÎÀʤ˺¤äƤ¤¤ë¿Í¤âǧ¾Úµ¡Ç½¤¬»È¤¨¤ë¤è¤¦¤Ë¾ðÊó¤òÄɲ䷤ơ¤»î¤·¤Æ¤â¤é¤ª¤¦.
¶ñÂÎŪ¤Ë¤Ï¡¤
cd /usr/local/etc/apache22/Includes htdigest ./passwdfile-digest "Digest auth test" ¤½¤Î¿ÍÍѤΥ桼¥¶Ì¾ ¤½¤Î¥æ¡¼¥¶¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¿·µ¬¤Ë¹Í¤¨¤ÆÆþÎÏ
¤È¤·¤Æ¤«¤é¡¤Àè¤Î¥Ç¥£¥ì¥¯¥È¥êÃæ¤Ë¤¢¤ë .htaccess ¤Î require ¹Ô¤ò½¤Àµ¤·¤ÆÄɲä·¤¿¥æ¡¼¥¶¤â°Ê²¼¤Î¤è¤¦¤Ë²Ã¤¨¤Æ¡¤
require user digest-test-user Äɲå桼¥¶Ì¾ ¢« ¥¹¥Ú¡¼¥¹¤Ç¶èÀÚ¤ë
¤È¤¹¤ë¤«¡¤
Require valid-user
¤Èľ¤½¤¦.
¤½¤·¤Æ¡¤¤½¤Î¿Í¤Ë Web ¥Ö¥é¥¦¥¶¤Ç¼«Ê¬¤Î¥Û¥¹¥È¤ËÂФ·¤Æ http://q**.cl.math.sci.osaka-u.ac.jp/test ¢« (¼«Ê¬¤Î¥Û¥¹¥È̾/¾å¤ÇÍÑ°Õ¤·¤¿¥Ç¥£¥ì¥¯¥È¥ê) ¤È¤·¤Æ¥¢¥¯¥»¥¹¤·¤ÆÌ㤤¡¤¾å¤ÈƱÍͤ˥桼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¤òÆþ¤ì¤Æ¥¢¥¯¥»¥¹¤Ç¤¤ë¤«¤ò¤ß¤ë¤Î¤Ç¤¢¤ë.
¤³¤ì¤â¸å¼Ô¤Î "Require valid-user" ¤Ï¡¤¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤Ë½ñ¤«¤ì¤Æ¤¤¤ë¥æ¡¼¥¶Á´¤Æ¤¬Âоݤˤʤ롤¤È¤¤¤¦ÀßÄê¤Ç¤¢¤ë.
¥¢¥¯¥»¥¹¤¹¤ë¥æ¡¼¥¶¤òÁý¤ä¤¹¤Ë¤Ï¡¤Â¾¤Ë¤â Group ¥Õ¥¡¥¤¥ë¤òÍѤ¤¤ëÊýË¡¤ä¥Ç¡¼¥¿¥Ù¡¼¥¹¤ò»È¤¦ÊýË¡¤Ê¤É¤¬¤¢¤ë. ¶ñÂÎŪ¤ÊÊýË¡¤Ï¾å¤Ë¤â¼¨¤·¤¿ Apache 2.2¥Þ¥Ë¥å¥¢¥ë¤Î¡Öǧ¾Ú¡¤¾µÇ§¡¤¥¢¥¯¥»¥¹À©¸æ¡×( http://httpd.apache.org/docs/2.2/ja/howto/auth.html )¤Ê¤É¤ËÃúÇ«¤Ë½ñ¤¤¤Æ¤¢¤ë¤Î¤Ç»²¾È¤»¤è.
htdigest ¤Ç¤â¥æ¡¼¥¶¤ò¡ÖÄɲáפ¹¤ë¤È¤¤Ï "-c" ¥ª¥×¥·¥ç¥ó¤¬¤Ê¤¤¤³¤È¤ËÃí°Õ¤»¤è.
¥ì¥Ý¡¼¥È †
TLS/SSL ¤Ë¤Ä¤¤¤ÆÄ´¤Ù¤è. Æäˡ¤Ç§¾Ú¤Î "¥ª¥ì¥ª¥ì¾ÚÌÀ" ¤Ë¤Ä¤¤¤Æ¡¤¤½¤Î¥»¥¥å¥ê¥Æ¥£¥ê¥¹¥¯¤òÄ´¤Ù¤è.
¤Þ¤¿¡¤Basic ǧ¾Ú¤È Digest ǧ¾Ú¤Î°ã¤¤¤òÄ´¤Ù¤è.
¤Þ¤¿¡¤web ¥µ¡¼¥Ð¤Ë¤Þ¤Ä¤ï¤ë¤½¤Î¾¤Î¥»¥¥å¥ê¥Æ¥£¥ê¥¹¥¯(ÀȼåÀ)¤Ë¤Ä¤¤¤Æ¤âÄ´¤Ù¤è.
ÆÃ¤Ë httpd.conf Ãæ¤Ç "Allowoverride AuthConfig" ¤Ç¤Ï¤Ê¤¯ "Allowoverride All" ¤È¤·¤¿¾ì¹ç¤É¤ì¤¯¤é¤¤´í¸±À¤¬Áý¤¹¤Î¤«¡¤¤è¤¯Ä´¤Ù¤è.
¤Þ¤¿¡¤ËÜÆü¹Ô¤Ã¤¿ºî¶È¤Ë¤Ä¤¤¤ÆÊó¹ð¤»¤è.
¤â¤Á¤í¤ó³Æ¼«¤Î
- ½ê°(³ØÉô¡¤³Ø²Ê)
- ³ØÀÒÈÖ¹æ
- ³Øǯ
- »á̾
- Æü»þ
- ´Î¿´¤Î¥ì¥Ý¡¼¥ÈÆâÍÆ(ÆÀ¤¿Ãθ«¡¤ºî¶È¤Ë¤Ä¤¤¤Æµ¤¤Å¤¤¤¿¤³¤ÈÅù)
¤ò½ñ¤¯¤Î¤ò˺¤ì¤Ê¤¤¤è¤¦¤Ë.
about Icons †
Some icons in this page are downloadable at ICONFINDER.
The "note" icon designed by Marco Martin is distributed with the LGPL licence
and the "warning" icon designed by Alexandre Moore with the GPL licence.
*1 http://www.apache.jp/misc/history.html ¤ËÆüËܸì¤Ç¤«¤«¤ì¤¿ Apache ¤Î²òÀ⤬¤¢¤ë
*2 ¼«Ê¬¤Î¥Þ¥·¥ó¤Ë»î¤·¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤ß¤ë¤À¤±¤Ê¤é¤Ð¤½¤ó¤Ê¤ËÌäÂê¤Ê¤¤¤³¤È¤¬Â¿¤¤¤Ë¤·¤Æ¤â¡¤¤À
*3 ¤¿¤Ö¤ó pkg_deinstall ¤¬»È¤¨¤ë¤À¤í¤¦
*4 ¥Ç¥£¥ì¥¯¥È¥ê¤ÎºîÀ®¥³¥Þ¥ó¥É¤Ï mkdir ¤À.
*5 Content-type ¤Î¸å¤Ë¶õ¹Ô¤¬½ÐÎϤµ¤ì¤Ê¤¤¤È¤¤¤±¤Ê¤¤µ¬³Ê¤Ê¤Î¤Ç¤³¤ÎÄ̤ê¤Ë½ñ¤¯¤Ù¤·.
źÉÕ¥Õ¥¡¥¤¥ë: warning.png 246·ï [¾ÜºÙ] 01.png 240·ï [¾ÜºÙ] How2ConnectWithWebserver.png 222·ï [¾ÜºÙ] notes.png 249·ï [¾ÜºÙ]