I am going to tell you how implementing a secure web server with OpenSSL and Apache2.
Then we want the system root with site configurations is encrypted.
Create certificates:
- Generate private key:
openssl genrsa 1024 > web.key
- Without passwor to boot directly.
- Generate the certificate petition:
openssl req -new -key web.key -out web.csr
- Generate certificate with 10000 days validity, signed by us.
openssl req -x509 -days 10000 -key web.key -in web.csr -out web.crt
Enable SSL module mod_ssl in apache:
elite:~# cd /etc/apache2/mods-enabled/ elite:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.conf ssl.conf elite:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.load ssl.load elite:/etc/apache2/mods-enabled# /etc/init.d/apache restart
In order to create a Virtual Host with SSL, we must include the port declare, and host. Minium declaration:
#NameVirtualHost *:443
<VirtualHost *>
ServerName www.midominioseguro.com
DocumentRoot /var/www/midominioseguro/
SSLEngine On
SSLCertificateFile /root/web.crt
SSLCertificateKeyFile /root/web.key
</ VirtualHost>
Activating SSL mode with SSLEngine sirective, and giving the public key web.crt, and private key web.key.
Then it could access from every client to our web: https://www.midominioseguro.com. Of course, your DNS must have this name configured.