How to secure apache with HTTPS
Hypertext Transfer Protocol Secure (HTTPS) = HTTP + SSL/TLS
Check list:
* apache sever
* openssl
Steps:
<b>For Ubuntu 10.04/Apache 2.2.14 changes suggested oregonbob:</b><a href="http://docs.google.com/View?id=dd6rgncr_151cxvhkpc5" target="_blank">here</a> Step 1 : <i> Create a self-signed certificate. </i> This include : Generate a key, Signing and avoid password <b> openssl genrsa -des3 -out my.key 4096 openssl req -new -key my.key -out my.csr openssl x509 -req -days 365 -in my.csr -signkey my.key -out my.crt openssl rsa -in my.key -out my.key.insecure mv my.key server.key.secure mv my.key.insecure my.key </b> Step 2 : <i>Setting up apache to detect the certificates</i> <b>Create ssl dir in /etc/apache2 or the apache home dir. cd /etc/apache2 ; mkdir ssl </b> <b>Copy the *.crt and *.key to this dir cp my.key /etc/apache2/ssl cp my.crt /etc/apache2/ssl </b> Step 3 : <i>Enable ssl</i> <b>a2enmod ssl </b> Step 4 : <i>Create symblinks and stub SSL conf</i> <b>cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl ln -s /etc/apache2/sites-available/ssl /etc/apache2/sites-enabled/ssl </b> Step 5 : <i>Set up the document roots, optional can be default /var/www or :</i> <b>cd /var/www mkdir html cd /var mkdir wssl cd wssl mkdir html</b> Step 6 : <i>Configure virtual hosts.</i> <b>sudo su cd /etc/apache2/sites-available cp /etc/apache2/sites-available/default default_original </b> Step 7 : <i>Configure ports</i> <b>HTTP over port 80 (edit /etc/apache2/sites-available/default): NameVirtualHost *:80 (Note: Look down just a bit and make a change to the virtual host settings.) <VirtualHost *:80> ServerName localhost DocumentRoot /var/www/html/ HTTPS over port 443 (edit /etc/apache2/sites-available/ssl): NameVirtualHost *:443 <VirtualHost *:443> ServerName localhost DocumentRoot /var/www-ssl/html/ P.S : Change localhost to your ip, if required.</b> Step 7 : <i>Order apache to listen on port 443</i> <b>edit /etc/apache2/ports.conf and type in "Listen 443" with out quotes and save</b> Step 8 : <i>Turn on the SSL engine.</i> <b>edit /etc/apache2/sites-available/ssl and add the lines below: SSLEngine On SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key </b> Step 9 : <i>Final step, restart apache and test</i> <b>/etc/init.d/apache2 restart In browser : <a href="https://localhost" title="https://localhost">https://localhost</a> must work</b>
Recent blog posts
- watir-webdriver web inspector
- gem list to gemfile
- Packing ruby2.0 on debian.
- Made it into The Guinness Book!
- to_h in ruby 2.0
- Filter elements by pattern jQuery.
- Better HTML password fields for mobile ?
- Grayscale image when user offline
- nth-child CSS pseudo-class Christmas colors
- EventEmitter in nodejs