Fix MariaDB 10 display Chinese problem on CentOS 8

1. vi /etc/my.cnf.d/mariadb-server.conf

2. Add character-set-server=utf8 under [mysqld]

Enable and Configure http to https redirection for Apache on CentOS 7

Method 1

• Create .htaccess file under the root of the web folder

         RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{HTTP_HOST} ^(www\.)?coolexample\.com RewriteRule ^(.*)$ https://www.coolexample.com/$1 [R,L]

where www.coolexample.com should change to the url of the website

• Check the line LoadModule rewrite_module modules/mod_rewrite.so in /etc/httpd/conf.modules.d/00-base.conf is not comment or missing. If it is commented or missed, the mod_rewrite of Apache is not enabled. 

• Edit the /etc/httpd/conf/httpd.conf to allow override

          <Directory /var/www/html>

     AllowOverride All
</Directory>

       

• Restart the Apache to put the change into effect 

Method 2

• vi /etc/httpd/conf.d/ssl.conf
• Add following

      <VirtualHost *:80>

                ServerAdmin webmaster@your domain name

                DocumentRoot /var/www/html/your folder root

                ServerName your server name

                RewriteEngine on

               RewriteRule ^(.*) https://your domain name$1 [R=301,L]

     </VirtualHost>

Build a webserver with CentOS 7, MySQL, PHP7.2 and use a existing wildcard SSL Certificate from Windows Server

Build a webserver with CentOS 7, MySQL, PHP7.2 and use a existing wildcard SSL Certificate from Windows Server

A.   Build a CentOS Linux server with minimum setup with developer options. After installed the CentOs, run yum -y update to upate the server to most update version

B.   Install Apache

Install Apache by yum yum install httpd

Start the httpd service systemctl start httpd.service

Let the httpd service start with the system systemctl enable httpd.service

C.   Configure the firewall

firewall-cmd --permanent --zone=public --add-service=http

firewall-cmd --permanent --zone=public --add-service=https

firewall-cmd --reload

D.   Install MySQL

Install mysql by yum yum install mariadb-server mariadb

Start the httpd service systemctl start mariadb

Let the httpd service start with the system systemctl enable mariadb.service

Configure the MYSQL sudo mysql_secure_installation

The new password for the “root” of MySQL

E.   Install PHP7.2

     yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm  

yum install yum-utils

yum-config-manager --enable remi-php72

yum install php php-mcrypt php-cli php-gd php-curl php-mysql php-ldap php-zip php-fileinfo

     systemctl restart httpd.service

F.    Install phpMyAdmin

yum -y install phpmyadmin

vi /etc/httpd/conf.d/phpMyAdmin.conf to add the ip or ip range to allow access the phpMyAdmin, following example is added the subnet 192.168.3.0/24 and 192.168.168.0/24

G.  Copy website to following directory in Linux cd /var/www/html by using ftp (install ftp before use the ftp yum install -y ftp)

H.  Import tables to MySQL by using phpMyAdmin

l Launch the phpMyAdmin

l Create the database as the program required, here is “cfweb”

l Click on the “Import” tab to begin import the tables

 

I. Run following command openssl version, if the openssl was installed, the output should like OpenSSL 1.0.2k-fips  26 Jan 2017

J.    Install mod_ssl

Before configure the SSL, run following command to install the SSL module

yum -y install mod_ssl

K.   Export the PFX file from Windows Server

l Click Start, Run, then type “mmc” and hit enter.

l In the leftmost menu, choose “Add/Remove Snap In” under “File”.

l Click “Certificates”, then click “Add”, then OK.

l When the wizard starts, choose “Computer Account”, “Local Computer” and finish out the wizard.

l Once you’re finished, go back to the MMC and expand the “Certificates” node, then the “Personal” node.

l Click on the “Certificates” node under “Personal” and find your certificate in the right pane.

l Right click on the certificate and choose “All Tasks”, then “Export”.

l When the wizard starts, choose “Yes” for exporting the private key, you will also need to set a password and specify a file name and location for the PFX file, e.g. “ssl.pfx” and in c:\temp

l Once the PFX file has been saved, close out the MMC (don’t save the snap-in if it asks).

L.    Enable SSL in CentOS

l Copy the PFX to a directory (e.g. /ssl) under root directory of the Linux server, e.g. use ftp

l In Linux server, change to the directory ssl cd /ssl

l In /ssl directory, run openssl pkcs12 -in ssl.pfx -out ssl.pem

l Copy the ssl.pem to 2 files cp ./ssl.pem ./ssl.crt and cp ./ssl.pem ./ssl.key

l    In ssl.crt file, clear the content out of following

-----BEGIN CERTIFICATE-----  and  -----END CERTIFICATE-----

l    In ssl.key file, clear the content out of following

-----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----

l cp ./ssl.crt /etc/pki/tls/certs/ssl.crt

l cp ./ssl.key /etc/pki/tls/private/ssl.key

l vi /etc/httpd/conf.d/ssl.conf

l edit the two line in ssl.conf like this

  SSLCertificateFile /etc/pki/tls/certs/ssl.crt

  SSLCertificateKeyFile /etc/pki/tls/private/ssl.key

l systemctl restart httpd