Apache 2 with SSL

I did this on Ubuntu 8.04 (Hardy), but I'm sure it will work on the equivalent Debian system. I installed the server version, but the Desktop should be fine also.

I installed LAMP (Linux, Apache, MySQL and PHP), or you can install just apache2:

$ sudo apt-get install apache2

Create a Certificate

Before you create the certificate, but after you install ssl-cert below, open /usr/sbin/make-ssl-cert and look for:

if [ "$1" != "generate-default-snakeoil" ]; then
    openssl req -config $TMPFILE -new -x509 -days 365 -nodes -out $output -keyout $output > /dev/null 2>&1
    chmod 600 $output
    # hash symlink
    cd $(dirname $output)
    ln -sf $(basename $output) $(openssl x509 -hash -noout -in $output)
else
    openssl req -config $TMPFILE -new -x509 -days 365 -nodes \
        -out /etc/ssl/certs/ssl-cert-snakeoil.pem \
        -keyout /etc/ssl/private/ssl-cert-snakeoil.key > /dev/null 2>&1
    chmod 644 /etc/ssl/certs/ssl-cert-snakeoil.pem
    chmod 640 /etc/ssl/private/ssl-cert-snakeoil.key
    chown root:ssl-cert /etc/ssl/private/ssl-cert-snakeoil.key
    # hash symlink
    cd /etc/ssl/certs/
    ln -sf ssl-cert-snakeoil.pem $(openssl x509 -hash -noout -in ssl-cert-snakeoil.pem)
fi

If you add -days 365 to those two openssl commands, as in the listing above, the certificate will be good for 365 days.

$ sudo apt-get install ssl-cert
$ sudo mkdir /etc/apache2/ssl
$ sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
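
To confirm what make-ssl-cert wrote, the following check inspects the resulting file. It is an added example, not part of the original page or of the ssl-cert package. The function name check_pem and its return codes are assumptions, and it assumes GNU stat and an openssl that provides the pkey subcommand.

```shell
#!/bin/sh
# Added example: sanity-check a combined key+certificate PEM such as
# /etc/apache2/ssl/apache.pem. check_pem and its return codes are hypothetical.
# Assumes GNU stat and an openssl that has the "pkey" subcommand.

check_pem() {
    pem=$1
    min_days=${2:-30}   # fail if the certificate expires within this many days

    [ -r "$pem" ] || { echo "FAIL: cannot read $pem"; return 1; }

    # make-ssl-cert passes the same path to -out and -keyout, so this one
    # file must hold the certificate and the unencrypted (-nodes) private key.
    grep -q -- '-----BEGIN CERTIFICATE-----' "$pem" ||
        { echo "FAIL: no certificate in $pem"; return 2; }
    grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$pem" ||
        { echo "FAIL: no private key in $pem"; return 3; }

    # The script runs "chmod 600" on its output; a looser mode exposes the key.
    mode=$(stat -c '%a' "$pem")
    [ "$mode" = "600" ] || { echo "FAIL: mode is $mode, expected 600"; return 4; }

    # The key and the certificate must carry the same public key.
    cert_pub=$(openssl x509 -in "$pem" -noout -pubkey | openssl dgst -sha256)
    key_pub=$(openssl pkey -in "$pem" -pubout | openssl dgst -sha256)
    [ "$cert_pub" = "$key_pub" ] ||
        { echo "FAIL: key does not match certificate"; return 5; }

    # -checkend N exits non-zero when the certificate expires within N seconds.
    openssl x509 -in "$pem" -noout -checkend $((min_days * 86400)) >/dev/null ||
        { echo "FAIL: expires within $min_days days"; return 6; }

    echo "OK: $pem"
    openssl x509 -in "$pem" -noout -subject -enddate
}

# Usage: sudo sh check_pem.sh /etc/apache2/ssl/apache.pem 30
if [ "$#" -gt 0 ]; then
    check_pem "$@"
fi
```

Because the file holds the private key, it has to be run as root (or as the file's owner) to read it.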

Install Module

$ sudo a2enmod ssl
$ sudo /etc/init.d/apache2 force-reload

Create virtualhost

Make a copy of the default VirtualHost

$ sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl

Modify /etc/apache2/sites-available/ssl so that you have,

NameVirtualHost *:443

and

<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem

.
.
.

</VirtualHost>

Enable SSL virtualhost

$ sudo a2ensite ssl
$ sudo /etc/init.d/apache2 reload

Modify /etc/apache2/sites-available/default so that you change your NameVirtualHost and any other virtual hosts to *:80 as in the next two lines.

NameVirtualHost *:80
<VirtualHost *:80>

Restart Apache server

$ sudo /etc/init.d/apache2 restart

Add other virtual hosts

I add mine to the file /etc/apache2/httpd.conf, but you can add them elsewhere -- probably somewhere more appropriate.

Here's an example.

<VirtualHost *:443>
ServerName my.example.com
DocumentRoot /var/www/myexample/htdocs
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
</VirtualHost>

My Sample Virtual Hosts /etc/apache2/httpd.conf

<Directory /var/www/localhost/htdocs>
Options All MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
ServerName www.example.com
DocumentRoot /var/www/localhost/htdocs
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
DocumentRoot /var/www/localhost/htdocs
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>

Reference

https://help.ubuntu.com/community/forum/server/apache2/SSL
