Hemanth's Scribes
web

How to Secure Apache With HTTPS

Author Photo

Hemanth HM

Thumbnail

How to Secure Apache With HTTPS

Hypertext Transfer Protocol Secure (HTTPS) = HTTP + SSL/TLS Check list: apache sever openssl Steps: **For Ubuntu 10.04/Apache 2.2.14 changes suggested oregonbob:**[here](http://docs.google.com/View?id=dd6rgncr_151cxvhkpc5)

Step 1 : Create a self-signed certificate. This include : Generate a key, Signing and avoid password openssl genrsa -des3 -out my.key 4096 openssl req -new -key my.key -out my.csr openssl x509 -req -days 365 -in my.csr -signkey my.key -out my.crt openssl rsa -in my.key -out my.key.insecure mv my.key server.key.secure mv my.key.insecure my.key Step 2 : Setting up apache to detect the certificates Create ssl dir in /etc/apache2 or the apache home dir. cd /etc/apache2 ; mkdir ssl **Copy the .crt and.key to this dir cp my.key /etc/apache2/ssl cp my.crt /etc/apache2/ssl ** Step 3 : Enable ssl a2enmod ssl Step 4 : Create symblinks and stub SSL conf cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl ln -s /etc/apache2/sites-available/ssl /etc/apache2/sites-enabled/ssl Step 5 : Set up the document roots, optional can be default /var/www or : cd /var/www mkdir html cd /var mkdir wssl cd wssl mkdir html Step 6 : Configure virtual hosts. sudo su cd /etc/apache2/sites-available cp /etc/apache2/sites-available/default default_original Step 7 : Configure ports HTTP over port 80 (edit /etc/apache2/sites-available/default): NameVirtualHost _:80 (Note: Look down just a bit and make a change to the virtual host settings.) ServerName localhost DocumentRoot /var/www/html/ HTTPS over port 443 (edit /etc/apache2/sites-available/ssl): NameVirtualHost _:443 ServerName localhost DocumentRoot /var/www-ssl/html/ P.S : Change localhost to your ip, if required. Step 7 : Order apache to listen on port 443 edit /etc/apache2/ports.conf and type in “Listen 443” with out quotes and save Step 8 : Turn on the SSL engine. edit /etc/apache2/sites-available/ssl and add the lines below: SSLEngine On SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key Step 9 : Final step, restart apache and test /etc/init.d/apache2 restart In browser : https://localhost must work

#javascript#linux
← View all posts
Author Photo

About Hemanth HM

Hemanth HM is a Sr. Machine Learning Manager at PayPal, Google Developer Expert, TC39 delegate, FOSS advocate, and community leader with a passion for programming, AI, and open-source contributions.