Insure Apache (HTTPS)

I am going to tell you how implementing a secure web server with OpenSSL and Apache2.

Then we want the system root with site configurations is encrypted.

Create certificates:

  • Generate private key:
openssl genrsa 1024 > web.key
  • Without passwor to boot directly.
  • Generate the certificate petition:
openssl req -new -key web.key -out web.csr
  • Generate certificate with 10000 days validity, signed by us.
openssl req -x509 -days 10000 -key web.key -in web.csr -out web.crt

Enable SSL module mod_ssl in apache:

elite:~# cd /etc/apache2/mods-enabled/
elite:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.conf ssl.conf
elite:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.load ssl.load
elite:/etc/apache2/mods-enabled# /etc/init.d/apache restart

In order to create a Virtual Host with SSL, we must include the port declare, and host. Minium declaration:

#NameVirtualHost *:443
<VirtualHost *>
	ServerName www.midominioseguro.com
        DocumentRoot /var/www/midominioseguro/

        SSLEngine On
        SSLCertificateFile /root/web.crt
        SSLCertificateKeyFile /root/web.key
</ VirtualHost>

Activating SSL mode with SSLEngine sirective, and giving the public key web.crt, and private key web.key.

Then it could access from every client to our web: https://www.midominioseguro.com. Of course, your DNS must have this name configured.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>