-
Enabling apache-SSL
What files need to be edited to enable apache to work in SSL mode (https), port 443?
thanks in advance,
Jim
-
Junior Member
registered user
hi,
the mod_ssl module is loaded in /etc/apache/httpd.conf so it should be enabled.
other modules, like PHP, server-info & server-status also work fine ...
only problem is that the httpd.conf is write-proteced (linked), so i copied it to alt.conf, edited that file and enabled the modules i wanted and used "apache -f /etc/apache/alt.conf"
i searched around a bit and found this :
http://ist.uwaterloo.ca/security/lib.../howto/ssleay/
it seems you need to install a certificate to enable SSL ??
Goner
-
![Quote](images/misc/quote_icon.png)
Originally Posted by
Goner
hi,
the mod_ssl module is loaded in /etc/apache/httpd.conf so it should be enabled.
other modules, like PHP, server-info & server-status also work fine ...
only problem is that the httpd.conf is write-proteced (linked), so i copied it to alt.conf, edited that file and enabled the modules i wanted and used "apache -f /etc/apache/alt.conf"
i searched around a bit and found this :
http://ist.uwaterloo.ca/security/lib.../howto/ssleay/
it seems you need to install a certificate to enable SSL ??
Goner
I tried various other things, including creating a certificate, was not able to get it to work on port 443 using SSL yet.
Jim
-
Ok,
I got it working after this:
I used the (installed) libapache-mod-ssl package to create certificates.
Go to /usr/share/doc/libapache-mod-ssl/examples
Unzip gid-mkcert.sh.gz and run it.
Fill out all the fields, and a bunch of server.* and ca.* files will be created in the current directory.
(remember the pass phrases you use).
Copy the .key files (ca.key and server.key) to /etc/apache/ssl.key
Copy the .crt files (ca.crt and server.crt) to /etc/apache/ssl.crt
Copy the .crs files (ca.crs and server.crs) to /etc/apache/ssl.crs
Add the following to /etc/apache/httpd.conf:
Code:
Listen 80
Listen 443
And:
Code:
<VirtualHost _default_:443>
DocumentRoot /var/www
ServerName My.server.com
ServerAdmin webmaster@my.server.com
ErrorLog /var/log/apache/ssl_error_log
TransferLog /var/log/apache/ssl_access_log
SSLEngine On
SSLCertificateFile /etc/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache/conf/ssl.key/server.key
<Files ~ "\.(cgi|shtml|php)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /var/log/apache/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Restart the httpd server:
Code:
/etc/init.d/apache restart
You will be asked for the RSA pass phrase.
Regards,
IKK
Similar Threads
-
By helios17 in forum General Support
Replies: 1
Last Post: 11-21-2004, 01:11 AM
-
By cul971 in forum General Support
Replies: 2
Last Post: 11-05-2003, 02:05 PM
-
By blackshadow in forum General Support
Replies: 1
Last Post: 06-10-2003, 04:11 PM
-
By dafne in forum Customising & Remastering
Replies: 1
Last Post: 05-23-2003, 12:05 PM
-
By Cyber in forum Customising & Remastering
Replies: 0
Last Post: 12-18-2002, 03:07 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
![1U BareMetal pfsense opnsense Router Firewall DNS Server 6x 10GB Ethernet Ports picture](/store/img/g/fxsAAOSwZD5l6PSG/s-l225/1U-BareMetal-pfsense-opnsense-Router-Firewall-DNS-.jpg)
1U BareMetal pfsense opnsense Router Firewall DNS Server 6x 10GB Ethernet Ports
$149.00
![VPS Windows / Linux Server - 12GB RAM, 4 Core, 1 TB HD, Unltd. bandwidth 1 Year picture](/store/img/g/BvgAAOSwxVReHqHl/s-l225/VPS-Windows-Linux-Server-12GB-RAM-4-Core-1-TB-HD-U.jpg)
VPS Windows / Linux Server - 12GB RAM, 4 Core, 1 TB HD, Unltd. bandwidth 1 Year
$280.50
![1U 10 SFF Bay Supermicro Server X10DRW-iT 2x Xeon E5-2690 V4 128GB DDR4 RAM picture](/store/img/g/IxIAAOSwL5NjRJXz/s-l225/1U-10-SFF-Bay-Supermicro-Server-X10DRW-iT-2x-Xeon-.jpg)
1U 10 SFF Bay Supermicro Server X10DRW-iT 2x Xeon E5-2690 V4 128GB DDR4 RAM
$399.00
![HP ProLiant ML350 (E5-5620) Server Gen 6 picture](/store/img/g/jMUAAOSwY6xmgjBu/s-l225/HP-ProLiant-ML350-E5-5620-Server-Gen-6.jpg)
HP ProLiant ML350 (E5-5620) Server Gen 6
$299.00
![Globalscale Technologies DreamPlug AppNeta M22 Linux Server Dual GB Ethernet picture](/store/img/g/Xs4AAOSwjrlkdWYQ/s-l225/Globalscale-Technologies-DreamPlug-AppNeta-M22-Lin.jpg)
Globalscale Technologies DreamPlug AppNeta M22 Linux Server Dual GB Ethernet
$24.99
![Dell PowerEdge R210 II Rackmount Server Xeon E31220L 16Gb 1TB + 500GB LINUX 6.6 picture](/store/img/g/v-EAAOSwjuZmMTyR/s-l225/Dell-PowerEdge-R210-II-Rackmount-Server-Xeon-E3122.jpg)
Dell PowerEdge R210 II Rackmount Server Xeon E31220L 16Gb 1TB + 500GB LINUX 6.6
$129.00
![Súper Micro 1U X10DRW-iT 2x E5-2698 V3 - 128Gb Memory -2x 8TB HD 4 Bay 3.5 picture](/store/img/g/dN0AAOSwcBxmeb-Y/s-l225/S-per-Micro-1U-X10DRW-iT-2x-E5-2698-V3-128Gb-Memor.jpg)
Súper Micro 1U X10DRW-iT 2x E5-2698 V3 - 128Gb Memory -2x 8TB HD 4 Bay 3.5
$400.00
![6x Fedora Linux Computer Sticker Decals Desktop Laptop Server Badge Decal Vinyl picture](/store/img/g/G40AAOSwF8xl3jgT/s-l225/6x-Fedora-Linux-Computer-Sticker-Decals-Desktop-La.jpg)
6x Fedora Linux Computer Sticker Decals Desktop Laptop Server Badge Decal Vinyl
$2.99
![POGO Linux WEBWARE 1150 Rack-Mount Server Pentium 4 2.8GHz 512MB - No Drives picture](/store/img/g/87EAAOSwtM5jMyRz/s-l225/POGO-Linux-WEBWARE-1150-Rack-Mount-Server-Pentium-.jpg)
POGO Linux WEBWARE 1150 Rack-Mount Server Pentium 4 2.8GHz 512MB - No Drives
$152.99
![Australia - Win/Linux Server- 2GB RAM, 1 Core,100 GB HD, Ultd Bandwidth 2 yrs picture](/store/img/g/BvgAAOSwxVReHqHl/s-l225/Australia-Win-Linux-Server-2GB-RAM-1-Core-100-GB-H.jpg)
Australia - Win/Linux Server- 2GB RAM, 1 Core,100 GB HD, Ultd Bandwidth 2 yrs
$200.36