This guide will explain how to set up a site over https.
1. Get the required software
~~~~~~~~~~~~~~~~~
For an SSL encrypted web server you will need a few things. Depending on your install you may or may not have OpenSSL and mod_ssl, Apache's interface to OpenSSL.
Use yum to install following, if centos
======================
yum install mod_ssl openssl
======================
Use apt-get to install following, if ubuntu
========================
apt-get install apache2 apache2-common;
========================
Now run following command in ubuntu to enable mod_ssl
================
a2enmod ssl
================
Yum will either tell you they are installed or will install them for you.
2. Generate CSR & purchase SSL
~~~~~~~~~~~~~~~~~~~~~
Get it done as per following KB article.
[ article:832 ]Generating CSR for Customers & Guidelines for SSL installation requests
3. Create /etc/httpd/conf.d/example.com.conf, if centos.
If ubuntu, create /etc/apache2/sites-available/example.com. Now, run following command.
================
a2ensite example.com
================
Now, add following contents in /etc/httpd/conf.d/example.com.conf or /etc/apache2/sites-available/example.com.
==============================
NameVirtualHost 192.168.1.56:443
ServerAdmin admin@example.com
DocumentRoot /var/www/html/example_www/
ServerName server1.example.com
ServerAlias www.example.com
ErrorLog logs/example.com-error_log
CustomLog logs/example.com-access_log common
Allowoverride All
NameVirtualHost 192.168.1.56:443
SSLEngine on
SSLCertificateFile /etc/ssl/example.com.crt
SSLCertificateKeyFile /etc/ssl/example.com.key
SSLCACertificateFile /etc/ssl/example.com.ca
Allowoverride All
ServerAdmin admin@example.com
DocumentRoot /var/www/html/example_com_www/
ServerName server1.example.com
ServerAlias www.example.com
ErrorLog logs/example.com-error_log
CustomLog logs/example.com-access_log common
===============================
Make sure following.
(i) IP 192.168.1.56 is replaced with correct IP address
(ii) example.com is replaced with correct domain name
(iii) document root is /var/www/html/example_com_www/
3. Create /etc/ssl/
4. Save Cert, Key & Intermediate CA as given below.
Cert: /etc/ssl/example.com.crt
Key: /etc/ssl/example.com.key
Intermediate CA: /etc/ssl/example.com.ca
/etc/init.d/httpd restart [ centos]
/etc/init.d/apache2 restart [ubuntu]
5. Access website using https://192.168.1.56:443 and ensure that it is working fine.
Ubuntu reference: https://help.ubuntu.com/10.04/serverguide/C/httpd.html
1. Get the required software
~~~~~~~~~~~~~~~~~
For an SSL encrypted web server you will need a few things. Depending on your install you may or may not have OpenSSL and mod_ssl, Apache's interface to OpenSSL.
Use yum to install following, if centos
======================
yum install mod_ssl openssl
======================
Use apt-get to install following, if ubuntu
========================
apt-get install apache2 apache2-common;
========================
Now run following command in ubuntu to enable mod_ssl
================
a2enmod ssl
================
Yum will either tell you they are installed or will install them for you.
2. Generate CSR & purchase SSL
~~~~~~~~~~~~~~~~~~~~~
Get it done as per following KB article.
[ article:832 ]Generating CSR for Customers & Guidelines for SSL installation requests
3. Create /etc/httpd/conf.d/example.com.conf, if centos.
If ubuntu, create /etc/apache2/sites-available/example.com. Now, run following command.
================
a2ensite example.com
================
Now, add following contents in /etc/httpd/conf.d/example.com.conf or /etc/apache2/sites-available/example.com.
==============================
NameVirtualHost 192.168.1.56:443
ServerAdmin admin@example.com
DocumentRoot /var/www/html/example_www/
ServerName server1.example.com
ServerAlias www.example.com
ErrorLog logs/example.com-error_log
CustomLog logs/example.com-access_log common
Allowoverride All
NameVirtualHost 192.168.1.56:443
SSLEngine on
SSLCertificateFile /etc/ssl/example.com.crt
SSLCertificateKeyFile /etc/ssl/example.com.key
SSLCACertificateFile /etc/ssl/example.com.ca
Allowoverride All
ServerAdmin admin@example.com
DocumentRoot /var/www/html/example_com_www/
ServerName server1.example.com
ServerAlias www.example.com
ErrorLog logs/example.com-error_log
CustomLog logs/example.com-access_log common
===============================
Make sure following.
(i) IP 192.168.1.56 is replaced with correct IP address
(ii) example.com is replaced with correct domain name
(iii) document root is /var/www/html/example_com_www/
3. Create /etc/ssl/
4. Save Cert, Key & Intermediate CA as given below.
Cert: /etc/ssl/example.com.crt
Key: /etc/ssl/example.com.key
Intermediate CA: /etc/ssl/example.com.ca
/etc/init.d/httpd restart [ centos]
/etc/init.d/apache2 restart [ubuntu]
5. Access website using https://192.168.1.56:443 and ensure that it is working fine.
Ubuntu reference: https://help.ubuntu.com/10.04/serverguide/C/httpd.html
No comments:
Post a Comment