Hey, I know you all find this abit nerdy so be warned.
I was asked to configure an SSL HTTP server based on apache Ubuntu and i stuggled with it alot until i found a quick way todo it posted here.
Here is what i did on my kubuntu machine:
Note: REMEMBER TO BACKUP EVERYTHING!!!
apt-get install apache2 // If you dont have the apache2 installed already.
apache2-ssl-certificate // This is a script that comes with apache2 to create the Certification you need , Fill the details and let it finish, It will create a certification key and apache.pem under /etc/apache2/ssl directory. Thats fine. Leave it that way.
Now, enable ssl using the a2enmod script:
a2enmod ssl // This is runned by default after the apache2-ssl-certificate if im not mistaken, If its running already it will prompt you that its running already so you cant damage anything by re-running it.
configure ssl:
cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl //You just duplicate the original file so you wont have to write alot of stuff.
ln -s /etc/apache2/sites-available/ssl /etc/apache2/sites-enabled/ssl // This will create a Symlink from file to file so when you edit one file you wont have to re copy stuff.
Edit /etc/apache2/sites-enabled/ssl and change the default vaules there to:
NameVirtualHost *:443 // Notice This line carefully! the server will crash on restart if you dont write it exectly. and change the root directory also. I personaly went with the guide and created a /var/www-ssl directory with chmod 755 on it for the ssl to contain its files there.
Edit /etc/apache2/ports.conf and add Listen 443 under the Listen 80.
Scroll down in /etc/apache2/sites-available/ssl file until you reach the line “# Possible values include: debug, info…”, insert this two lines:
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
~/ Write in root /etc/init.d/apache2 restart . If all goes well it should restart and your ssl should be on.
Enjoy!
- BROWSE / IN TIMELINE
- « How C.R.A.P Is your design?
- » DJ function(); Will get ya goin?
- BROWSE / IN web savvy security linux ssl
- « Its official, Google is evil
- » DJ function(); Will get ya goin?
COMMENTS / 2 COMMENTS
http://www.arts.hobsons.com/thread.jsp?topicid=302 added these pithy words on Sep 14 07 at 9:20 pmhttp://www.arts.hobsons.com/thread.jsp?topicid=302…
how to get harder erections…
Scott Gunsaullus added these pithy words on Aug 28 07 at 10:24 pmAfter following your instructions to the letter, I get the following:
* Forcing reload of apache 2.0 web server...
[Tue Aug 28 16:14:41 2007] [error] (EAI 2)Name or service not known: Cannot resolve host name *.443
--- ignoring!
apache2: Could not determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
[Tue Aug 28 16:14:42 2007] [error] (EAI 2)Name or service not known: Cannot resolve host name *.443
--- ignoring!
apache2: Could not determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
From what I’ve read elsewhere, this has to do with the fact that Apache2 does not support virtual hosts in SSL. Rather, it’s SSL that doesn’t work with name based virtual hosts.You’re supposed to use IP based virtual hosts, because Apache can’t accept *.443, or so they say…
SPEAK / ADD YOUR COMMENT
Comments are moderated.
