Set up apache for https

From LinuxIntro
Jump to: navigation, search

This article describes how you can secure your webpage running on apache2 with https. You create demo-certificates yourself for this. This is for SUSE Linux, for Fedora, I recommend http://www.linux-sxs.org/internet_serving/apache2.html.

To forbid http (to only allow https) you can use Apache's SSLRequireSSL configuration directive.

  1. set up apache
  2. open a console as root
  3. set up your Certification authority and create dummy-certificates
  4. /usr/bin/gensslcert
    
  5. get your SSL Configuration from the given template
  6. cd /etc/apache2/vhosts.d
    cp vhost-ssl.template vhost-ssl.conf
    
  7. change your SSL Configuration
  8. have apache2 start per default with SSL. To do this, edit /etc/sysconfig/apache2. Search for APACHE_SERVER_FLAGS and add SSL like this:

    APACHE_SERVER_FLAGS="SSL"
    
  9. restart apache2
  10. /etc/init.d/apache2 restart
    
  11. make sure you have content to show
  12. echo "this is a test" >> /srv/www/htdocs/index.html
    
  13. test your configuration
  14. wget --no-check-certificate --no-proxy https://localhost
    

get a new certificate

To get a new certificate

  • backup your old certificate:
cd
cp /etc/apache2/ssl.crt/server.crt .
  • create a new certificate, e.g. for newhostname.domain
genssl -n newhostname.domain
/etc/init.d/apache2 restart

See also