yum install mod_ssl
It actually do most of the work and even more than it is expected by creating ...httpd/conf.d/ssl.conf
Assuming that your Apache httpd.conf configured to include all files from httpd/conf.d, you will get the content of this file automatically.
Modify VirtualHost :443 inculded there, or remove it completly and define your own VirtualHost for port 443.
Note, that you can not keep the default configuration AND define your own - the default from ssl.conf will always overwrite the next one.
For your HTTPS VirtualHost you will need 4 files:
1. Your DECRYPTED private key file
2. Your certificate, issued by a Certificates Authority
3. Certificate Authority intermidiate server certificate
4. Certificate authority certificate
Your final VirtualHost definition might look like this:
DocumentRoot /var/www/www.domain.com
ServerName www.domain.com
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile /path/ssl/my-certificate.pem
SSLCertificateKeyFile /path/ssl/decrypted_private_key.pem
SSLCertificateChainFile /path/ssl/sub.class2.server.ca.pem
SSLCACertificateFile /path/ssl/ca.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /etc/httpd/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
Once configured, restart Apache:
service httpd restart
If your certificates are OK, you should get a valid response going to your web over SSL:
curl https://localhost
Posts
No comments:
Post a Comment