网站需求：

1.基于域名 www.openlab.com 可以访问网站内容为 welcome to openlab!!!

2.给该公司创建三个子界面分别显示学生信息，教学资料和缴费网站，

1、基于 www.openlab.com/student 网站访问学生信息，

2、基于 www.openlab.com/data 网站访问教学资料

3、基于 www.openlab.com/money 网站访问缴费网站。

3.要求

（1）学生信息网站只有 song 和 tian 两个用户可以访问，其他用户不能访问。

（2）访问缴费网站实现数据加密基于 https 访问。

一、创建openlab网站

编辑vhost.conf文件

 vim /etc/httpd/conf.d/vhost0.conf

<directory /openlab>
allowoverride none
require all granted
</directory>

<virtualhost 192.168.159.133:80>
servername www.openlab.com
documentroot /openlab
</virtualhost>

注意：需要创建/openlab文件，并写入index.html文件

mkdir /openlab
echo "welcome to openlab!!!" > /openlab/index.html

运行：

二、编辑/student网站

在/openlab下创建/student文件，并写入index.html文件

mkdir /openlab/student
echo "welcome to student , students' informati                                                                            on are all in here" > /student/index.html

创建两用户只能他们来访问该网站

代码：    htpasswd -c /etc/httpd/user song
New password:
Re-type new password:
Adding password for user song
代码：    htpasswd /etc/httpd/user tian
New password:
Re-type new password:
Adding password for user tian

<directory /openlab>
allowoverride none
require all granted
</directory>

<directory /openlab/student>
authtype basic
authname "please login: "
authuserfile /etc/httpd/user
require user song tian
</directory>

<virtualhost 192.168.159.133:80>
servername www.openlab.com/student
documentroot /openlab
alias /student /openlab/student
</virtualhost>

运行：

三、编辑/data网站

在/openlab下创建/datat文件，并写入index.html文件

mkdir /openlab/data
"welcom to data!!!" > /data/index.html

<directory /openlab>
allowoverride none
require all granted
</directory>

<virtualhost 192.168.159.133:80>
servername www.openlab.com
documentroot /openlab
alias /openlab /openlab/data
</virtualhost>

运行：

三、编辑/money网站

在/openlab下创建/datat文件，并写入index.html文件

mkdir /openlab/money
"welcome to money         !!!" > /money/index.html

加密：

[root@localhost money]# cd /etc/pki/tls/certs  注意，该代码要在该目录下输入
[root@localhost certs]# openssl genrsa > chs.key
[root@localhost certs]# ll
total 12
lrwxrwxrwx. 1 root root   49 Jul 29  2022 ca-bundle.crt -> /etc/pki/ca-t                                                                            rust/extracted/pem/tls-ca-bundle.pem
lrwxrwxrwx. 1 root root   55 Jul 29  2022 ca-bundle.trust.crt -> /etc/pk                                                                            i/ca-trust/extracted/openssl/ca-bundle.trust.crt
-rw-r--r--. 1 root root 1704 Nov 13 14:57 chs.key
-rw-r--r--. 1 root root 1367 Nov 11 20:55 jiami.crt
-rw-r--r--. 1 root root 3980 Nov 11 20:55 localhost.crt
[root@localhost certs]# openssl req -utf8 -new -key chs.key -x509 -days                                                                             100 -out chs.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a                                                                             DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:cq
Locality Name (eg, city) [Default City]:cq
Organization Name (eg, company) [Default Company Ltd]:cq
Organizational Unit Name (eg, section) []:ce
Common Name (eg, your name or your server's hostname) []:www.openlab.com 你要访问的文件
Email Address []:admin@123
[root@localhost certs]# ll
total 16
lrwxrwxrwx. 1 root root   49 Jul 29  2022 ca-bundle.crt -> /etc/pki/ca-t                                                                            rust/extracted/pem/tls-ca-bundle.pem
lrwxrwxrwx. 1 root root   55 Jul 29  2022 ca-bundle.trust.crt -> /etc/pk                                                                            i/ca-trust/extracted/openssl/ca-bundle.trust.crt
-rw-r--r--. 1 root root 1399 Nov 13 14:59 chs.crt
-rw-r--r--. 1 root root 1704 Nov 13 14:57 chs.key
-rw-r--r--. 1 root root 1367 Nov 11 20:55 jiami.crt
-rw-r--r--. 1 root root 3980 Nov 11 20:55 localhost.crt
[root@localhost certs]# mv chs.key ../private/ 将.key文件移动到private目录下面

<directory /openlab>
allowoverride none
require all granted
</directory>

<virtualhost 192.168.159.133:443>
servername www.openlab.com
documentroot /openlab
alias /money /openlab/money
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/chs.crt
SSLCertificateKeyFile /etc/pki/tls/private/chs.key
</virtualhost>

<virtualhost 192.168.159.133:443>
servername 192.168.159.133
documentroot /openlab
alias /money /openlab/money
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/chs.crt
SSLCertificateKeyFile /etc/pki/tls/private/chs.key
</virtualhost>

运行：