How To Install And Implement SSL/HTTPS With Apache On Ubuntu/Debian (Self-Signed)
Written by Christian Foronda   
Thursday, 12 May 2011 17:54

Install Apache:

# aptitude install apache2

 

Enable mod_ssl:

# a2enmod ssl

 

Generate private key:

# cd /etc/ssl/certs
# openssl genrsa -des3 -out systmbx.com.key 2048

 

Enter a passphrase to protect your key pair.

Generating RSA private key, 2048 bit long modulus
.........................................................+++
.........................................+++
e is 65537 (0x10001)
Enter pass phrase for systmbx.com.key:
Verifying - Enter pass phrase for systmbx.com.key:

 

Generate a Certificate Signing Request (CSR):

# openssl req -new -key systmbx.com.key -out systmbx.com.csr

 

Provide the requested information, or press [Enter] to accept the defaults.
The Common Name field must match the fully qualified domain name of your server (e.g. systmbx.com) or the certificate will not work. There is no need to enter the challenge password.

Enter pass phrase for systmbx.com.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:PH
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:Manila
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Systmbx
Organizational Unit Name (eg, section) []:NOC
Common Name (eg, YOUR name) []:systmbx.com
Email Address []:chr1x2 at systmbx.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

 

Sign the CSR (generate the self-signed SSL certificate):

# openssl x509 -req -days 365 -in systmbx.com.csr -signkey systmbx.com.key -out systmbx.com.crt

 

Signature ok
subject=/C=PH/ST=Manila/L=Manila/O=Systmbx/OU=NOC/CN=www.systmbx.com/emailAddress=chr1x2 at systmbx.com
Getting Private key
Enter pass phrase for systmbx.com.key:

 

Install the self-signed certificate:

# vi /etc/apache2/sites-enabled/systmbx.com

 

<VirtualHost *:80>
	ServerAdmin chr1x2@systmbx.com
	ServerName systmbx.com
	ServerAlias www.systmbx.com
	DocumentRoot /home/systmbx.com/public_html

	<Directory /home/systmbx.com/public_html/>
		Options Indexes FollowSymLinks MultiViews
		# FileInfo lets the rewrite rules in .htaccess (see the redirect step) take effect
		AllowOverride FileInfo
		Order allow,deny
		allow from all
	</Directory>

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel debug

	CustomLog /var/log/apache2/systmbx.com/access.log combined
	ErrorLog /var/log/apache2/systmbx.com/error.log
</VirtualHost>

 

# vi /etc/apache2/sites-enabled/systmbx.com-ssl

 

<VirtualHost *:443>
	ServerAdmin chr1x2@systmbx.com
	ServerName systmbx.com
	ServerAlias www.systmbx.com
	DocumentRoot /home/systmbx.com/public_html

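	SSLEngine on
	# SSLv2 and SSLv3 are broken protocols; leave only TLS enabled
	SSLProtocol all -SSLv2 -SSLv3
	SSLOptions +StrictRequire
	SSLCertificateFile /etc/ssl/certs/systmbx.com.crt
	SSLCertificateKeyFile /etc/ssl/certs/systmbx.com.key
	# SSLCACertificateFile is left out: it lists CA certificates used to verify
	# client certificates, and the .csr file is a request, not a certificate.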

	<Directory /home/systmbx.com/public_html/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel debug

	CustomLog /var/log/apache2/systmbx.com-ssl/access.log combined
	ErrorLog /var/log/apache2/systmbx.com-ssl/error.log
</VirtualHost>

 

Create the log directories:

# mkdir /var/log/apache2/systmbx.com
# mkdir /var/log/apache2/systmbx.com-ssl

 

Redirect all traffic to use SSL:

# vi /home/systmbx.com/public_html/.htaccess

 

RewriteEngine On
RewriteBase /

## Redirect to use SSL
RewriteCond %{SERVER_PORT} ^80$
RewriteCond %{HTTP_HOST} ^(www\.)?systmbx\.com [NC]
RewriteRule ^(.*) https://%{HTTP_HOST}/$1 [L,R]

 

Enable rewrite module:

# a2enmod rewrite

 

Check Apache configuration:

# apache2ctl configtest

 

Syntax OK

 

Restart Apache:

# /etc/init.d/apache2 restart
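
The key, certificate and Common Name rule from the steps above can be checked before Apache loads the files. This shell script is an added example, not part of the original how-to; the script name and function names are illustrative, and it assumes OpenSSL 1.0.2 or later for -checkhost.

```shell
#!/bin/sh
# Added example (hypothetical check_pair.sh): sanity checks for a certificate/key pair.
# Usage: sh check_pair.sh CERT KEY HOSTNAME

# Succeeds when the certificate's public key equals the private key's public half.
pair_matches() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout) || return 2   # prompts if the key is encrypted
    [ "$cert_pub" = "$key_pub" ]
}

# Succeeds when the name clients will type is covered by the certificate
# (subjectAltName if present, otherwise the Common Name).
host_matches() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match'
}

# Succeeds when the certificate has not expired yet.
not_expired() {
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null
}

# Succeeds when group and others have no permission bits on the key file.
key_is_private() {
    [ "$(ls -lnL "$1" | cut -c5-10)" = "------" ]
}

# Runs every check, reports each failure, returns non-zero if any check failed.
check_pair() {
    rc=0
    pair_matches "$1" "$2" || { echo "FAIL: key does not belong to certificate"; rc=1; }
    host_matches "$1" "$3" || { echo "FAIL: certificate does not cover $3"; rc=1; }
    not_expired "$1"       || { echo "FAIL: certificate has expired"; rc=1; }
    key_is_private "$2"    || { echo "FAIL: key readable by group/others (chmod 600)"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: $1 and $2 are usable for $3"
    return "$rc"
}

if [ "$#" -eq 3 ]; then check_pair "$@"; fi
```

For this page's files, run it from /etc/ssl/certs as: sh check_pair.sh systmbx.com.crt systmbx.com.key systmbx.com. That directory is world-readable on Debian and Ubuntu, so the key permission check matters for a key stored there.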

 




Last Updated on Thursday, 12 May 2011 18:13