在CentOS8或RHEL8上安装Apache httpd( 二 ) _Apache

sudo systemctl disable httpd.service3.3 重启httpd服务
有两个重新启动httpd服务的选项。

停止正在运行的httpd服务，并立即重新启动它—这在安装或删除动态加载的模块(如php)之后非常有用。

sudo systemctl restart httpd.service

重新加载配置而不影响活动请求—正在运行的httpd服务将只重新加载其配置文件，当前正在处理的所有请求将继续使用旧的配置。

sudo systemctl reload httpd.service要检查配置中可能出现的错误，输入:
sudo apachectl configtestSyntax OK
如果配置文件没有错误，您应该获得Syntax OK的输出结果。
4. 在RHEL8或者CentOS8系统上加载SSL模块
我们安装了mod_ssl模块，但是在使用它之前，必须使用LoadModule指令加载模块。

文章插图
在RHEL8或者CentOS8系统上加载SSL模块
要加载mod_ssl DSO ，请在httpd.conf配置文件的末尾添加下面一行。
LoadModule ssl_module modules/mod_ssl.so见下面截图。

文章插图
在RHEL8或者CentOS8系统上加载SSL模块

加载模块后重新启动Web服务器以重新加载配置。
sudo systemctl restart httpd默认的SSL配置文件/etc/httpd/conf.d/ssl.conf 。例如，您可以通过修改这个文件中的SSL Protocol指令来禁用SSL版本2和SSL版本3 。
SSLProtocol all -SSLv2 -SSLv3下面一行将禁用所有的SSL和TLS协议除了TLS 1和以上
SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2更改之后重新启动Apache守护进程。
sudo systemctl restart httpd要检查启用或禁用了哪些版本的SSL和TLS ，可以使用openssl s_client -connect命令。openssl s_client -connect命令。openssl s_client -connect hostname:port -protocol
openssl s_client -connect <hostname>:<port> -<protocol>可选的协议-ssl2, -ssl3,-tls1,-tls1_1,-tls1_2 等等。
查看以下案例
# Test if SSLv3 is enabled$ openssl s_client -connect localhost:443 -ssl3# Test if TLSv1.2 is enable$ openssl s_client -connect localhost:443 -tls1_2输出类似的结果：
# openssl s_client -connect localhost:443 -tls1_2CONNECTED(00000004)depth=1 C = US, O = Unspecified, OU = ca-4688871391028164607, CN = rhel8.local, emailAddress = root@rhel8.localverify error:num=19:self signed certificate in certificate chain---Certificate chain 0 s:C = US, O = Unspecified, CN = rhel8.local, emailAddress = root@rhel8.local i:C = US, O = Unspecified, OU = ca-4688871391028164607, CN = rhel8.local, emailAddress = root@rhel8.local 1 s:C = US, O = Unspecified, OU = ca-4688871391028164607, CN = rhel8.local, emailAddress = root@rhel8.local i:C = US, O = Unspecified, OU = ca-4688871391028164607, CN = rhel8.local, emailAddress = root@rhel8.local---Server certificate-----BEGIN CERTIFICATE-----MIIErTCCApWgAwIBAgIIfoNXRr0/654wDQYJKoZIhvcNAQELBQAwezELMAkGA1UEBhMCVVMxFDASBgNVBAoMC1Vuc3BlY2lmaWVkMR8wHQYDVQQLDBZjYS00Njg4ODcxMzkxMDI4MTY0NjA3MRQwEgYDVQQDDAtyaGVsOC5sb2NhbDEfMB0GCSqGSIb3DQEJARYQcm9vdEByaGVsOC5sb2NhbDAeFw0xODEyMjkwNzQ3NDFaFw0yMDAxMDMwOTI3NDFaMFoxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtVbnNwZWNpZmllZDEUMBIGA1UEAwwLcmhlbDgubG9jYWwxHzAdBgkqhkiG9w0BCQEWEHJvb3RAcmhlbDgubG9jYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCXG/tlwvg8jf7Aa+rBXt8V0ZV5krqXnkF3N2xccKjJLKRY6psny0rdaf7qNF9fjNPTNmP6PdqSvpxvhG0gjoVlo0PU79M7sq74esx8A+UdSqPkqDfnrszBthb+PYBj0yQu88/0aS6GIPWbeWF235ZuRIAYdin92ZmcXqsafX1qGlErgZN+UrisrVPZFgM2rKWMnuIxOmSeqwdsrHGIlv2lROipNxEosqqqBXAVS3VX7Q8yMaGT3GgU6Nf8TbT84lnMDsYj4bgtlh1Ry+ck8jAmuN3rujvgCsTWQ1v4s4m5/p/iq3aGFOyIq8z2qdCA24leYhSXpPrFqkKXIr7UkTtAgMBAAGjVjBUMA4GA1UdDwEB/wQEAwIFoDAJBgNVHRMEAjAAMBYGA1UdEQQPMA2CC3JoZWw4LmxvY2FsMB8GA1UdIwQYMBaAFOwi+L9TpxZTDY3TYF29uCq5mW7MMA0GCSqGSIb3DQEBCwUAA4ICAQAWgBjsNHhcI9dAAs1cuhmox6j7EYS2nGDe+BVlMdtETVBbSfUV27L+9G3NF9XMOjrUmX67mBqEsGwLiyUaDSFS8JgcJ1zw0V2Q0k8PLgnBuGKOwkKvPWGPtB2GGJCTBbp0WCByPNsufyIG8+7GHov0StG6s8nYUSSjHHQcZpx42BybuLmGt6GvSgN+TMPJl5mApPHNdpUrrf8DWyyP2yAgoB6/XSy3rafBP+1WE38Cs+iHgFoTH05iFtPtMVF1/oLVA4jDfU0T4thqoHFLNwAWYPts6dOgOwT9rZe8e0FtbXCd4PJ+3RZHB+JV+IPVF6nF+GVXxr0jT/Fu6+15dHVWbdZUWzscdSV8lae0vyhpjQRgUdISqbVhmWt1ruRTgZ443fj6NgrFeht0X3pS1WnHyxMT3Aj6nAZnInlZoaX0xNdPE31ZsgWn6yoFXVEWlVs50xZ+31V+2/LDLQiqVYMRoid1uRZxAp4X80AMUfqcv4g3/ebLhLsdStCVT7YASrJ/a8fRNNFEJhHOlPaqVsaerBvKrviyjocEQsPzX2cKoP1RlmDMUoDqFHUo8jIFsWAC2YKe0rsNTSwZTYUHZuc+FzRyKKmpsIrzFMNlgZ3hevqQPJDRyyB+Nru6mxqSn6L36PbdfYkWOWEDmllnCTAATopYBtmegsYncFRNnEnBBg==-----END CERTIFICATE-----subject=C = US, O = Unspecified, CN = rhel8.local, emailAddress = root@rhel8.localissuer=C = US, O = Unspecified, OU = ca-4688871391028164607, CN = rhel8.local, emailAddress = root@rhel8.local.......