-
Enabling apache-SSL
What files need to be edited to enable apache to work in SSL mode (https), port 443?
thanks in advance,
Jim
-
Junior Member
registered user
hi,
the mod_ssl module is loaded in /etc/apache/httpd.conf so it should be enabled.
other modules, like PHP, server-info & server-status also work fine ...
only problem is that the httpd.conf is write-proteced (linked), so i copied it to alt.conf, edited that file and enabled the modules i wanted and used "apache -f /etc/apache/alt.conf"
i searched around a bit and found this :
http://ist.uwaterloo.ca/security/lib.../howto/ssleay/
it seems you need to install a certificate to enable SSL ??
Goner
-
![Quote](images/misc/quote_icon.png)
Originally Posted by
Goner
hi,
the mod_ssl module is loaded in /etc/apache/httpd.conf so it should be enabled.
other modules, like PHP, server-info & server-status also work fine ...
only problem is that the httpd.conf is write-proteced (linked), so i copied it to alt.conf, edited that file and enabled the modules i wanted and used "apache -f /etc/apache/alt.conf"
i searched around a bit and found this :
http://ist.uwaterloo.ca/security/lib.../howto/ssleay/
it seems you need to install a certificate to enable SSL ??
Goner
I tried various other things, including creating a certificate, was not able to get it to work on port 443 using SSL yet.
Jim
-
Ok,
I got it working after this:
I used the (installed) libapache-mod-ssl package to create certificates.
Go to /usr/share/doc/libapache-mod-ssl/examples
Unzip gid-mkcert.sh.gz and run it.
Fill out all the fields, and a bunch of server.* and ca.* files will be created in the current directory.
(remember the pass phrases you use).
Copy the .key files (ca.key and server.key) to /etc/apache/ssl.key
Copy the .crt files (ca.crt and server.crt) to /etc/apache/ssl.crt
Copy the .crs files (ca.crs and server.crs) to /etc/apache/ssl.crs
Add the following to /etc/apache/httpd.conf:
Code:
Listen 80
Listen 443
And:
Code:
<VirtualHost _default_:443>
DocumentRoot /var/www
ServerName My.server.com
ServerAdmin webmaster@my.server.com
ErrorLog /var/log/apache/ssl_error_log
TransferLog /var/log/apache/ssl_access_log
SSLEngine On
SSLCertificateFile /etc/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache/conf/ssl.key/server.key
<Files ~ "\.(cgi|shtml|php)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /var/log/apache/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Restart the httpd server:
Code:
/etc/init.d/apache restart
You will be asked for the RSA pass phrase.
Regards,
IKK
Similar Threads
-
By helios17 in forum General Support
Replies: 1
Last Post: 11-21-2004, 01:11 AM
-
By cul971 in forum General Support
Replies: 2
Last Post: 11-05-2003, 02:05 PM
-
By blackshadow in forum General Support
Replies: 1
Last Post: 06-10-2003, 04:11 PM
-
By dafne in forum Customising & Remastering
Replies: 1
Last Post: 05-23-2003, 12:05 PM
-
By Cyber in forum Customising & Remastering
Replies: 0
Last Post: 12-18-2002, 03:07 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
![New Precision DWDM SFP+ 10G 80km Tunable Transceiver 50GHz C-Temp DWDM-SFP10G-C picture](/store/img/g/tqEAAOSwkbxmR-l8/s-l225/New-Precision-DWDM-SFP-10G-80km-Tunable-Transceive.jpg)
New Precision DWDM SFP+ 10G 80km Tunable Transceiver 50GHz C-Temp DWDM-SFP10G-C
$90.00
![LOT OF 10 HPE JD092B X130 10G SFP+ LC SR Transceiver picture](/store/img/g/EMwAAOSwW05l1QTO/s-l225/LOT-OF-10-HPE-JD092B-X130-10G-SFP-LC-SR-Transceive.jpg)
LOT OF 10 HPE JD092B X130 10G SFP+ LC SR Transceiver
$40.00
![New Cisco SFP-25G-SR-S 25G SFP28 25GBASE-SR 850nm 300m LC MMF Transceiver Module picture](/store/img/g/R5EAAOSwwLtmfi4p/s-l225/New-Cisco-SFP-25G-SR-S-25G-SFP28-25GBASE-SR-850nm-.jpg)
New Cisco SFP-25G-SR-S 25G SFP28 25GBASE-SR 850nm 300m LC MMF Transceiver Module
$51.30
![LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module picture](/store/img/g/JEEAAOSwzu9ibCFX/s-l225/LOT-OF-20-Genuine-Cisco-SFP-10G-SR-V03-10GBASE-SR-.jpg)
LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module
$90.25
![🔥🔥🔥 CISCO SFP-10G-SR V03 10-2415-03 850nm 10GBASE-SR SFP+ Multi Module 🔥🔥🔥 picture](/store/img/g/KTkAAOSwcmBisISE/s-l225/-CISCO-SFP-10G-SR-V03-10-2415-03-850nm-10GBASE-SR-.jpg)
🔥🔥🔥 CISCO SFP-10G-SR V03 10-2415-03 850nm 10GBASE-SR SFP+ Multi Module 🔥🔥🔥
$6.80
![HP 560SFP+ 2-Port 10GB SFP+ PCIe (High Profile) Network Adapter Card 669279-001 picture](/store/img/g/bFgAAOSwOWtmhAlX/s-l225/HP-560SFP-2-Port-10GB-SFP-PCIe-High-Profile-Networ.jpg)
HP 560SFP+ 2-Port 10GB SFP+ PCIe (High Profile) Network Adapter Card 669279-001
$12.49
![GENUINE Cisco SFP-10G-SR V03 SFP+ GBIC Transceiver Module 10-2415-03 picture](/store/img/g/tAkAAOSwdENkHItI/s-l225/GENUINE-Cisco-SFP-10G-SR-V03-SFP-GBIC-Transceiver-.jpg)
GENUINE Cisco SFP-10G-SR V03 SFP+ GBIC Transceiver Module 10-2415-03
$6.80
![Genuine Cisco ‎SFP-10G-SR Transceiver Module (10-2415-03) picture](/store/img/g/EGsAAOSwOLplBoX9/s-l225/Genuine-Cisco-SFP-10G-SR-Transceiver-Module-10-241.jpg)
Genuine Cisco ‎SFP-10G-SR Transceiver Module (10-2415-03)
$6.45
![NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping* picture](/store/img/g/Tb4AAOSwmeVlqJuU/s-l225/NEW-Sealed-Cisco-SFP-10G-LR-10GBASE-LR-SFP-1310nm-.jpg)
NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping*
$24.00
![Lot (10) Dell 0N8TDR 850nm SFP-10G-SR-85C 10Gbs sfp+ FTLX8574D3BNL-FC N8TDR NEW picture](/store/img/g/E7cAAOSw98tljuIT/s-l225/Lot-10-Dell-0N8TDR-850nm-SFP-10G-SR-85C-10Gbs-sfp-.jpg)
Lot (10) Dell 0N8TDR 850nm SFP-10G-SR-85C 10Gbs sfp+ FTLX8574D3BNL-FC N8TDR NEW
$68.00