生成证书 (LIMRCA.cer 用于手机安装)  （待完成  // TODO) 

key: openssl genrsa -out QINCA.key 2048
openssl req -x509 -new -key QINCA.key -out QINCA.cer -days 730 -subj /CN="QIN CA"
openssl x509 -req -in server.csr -CA QINCA.cer -CAkey QINCA.key -CAcreateserial -out server2.crt -days 730 -extfile sign.cnf
#openssl x509 -req -in server.csr -out server.crt -CAkey QINCA.key -CA QINCA.cer -days 3650 -CAcreateserial -CAserial server.serial
#openssl x509 -req -in mycert1.req -out mycert1.cer -CAkey myCA.key -CA myCA.cer -days 365 -CAcreateserial -CAserial serial

ssh 免密码登陆

cat id_rsa.pub >> authorized_keys

Apache 配置

sudo cp server.crt /etc/ssl/certs
sudo cp server.key /etc/ssl/private

SSLEngine on
SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key

反向代理示例：

ssh -R 14.152.59.18:1203:192.168.0.55:3389 flybird@14.152.59.18 -p 1202