Enable Apache SSL
Quick procedure to enable SSL on Apache WebServer installed on Ubuntu, to deliver contents over a secure connection.
In this procedure, we assume the use of a Self-Signed Certificate.
The problem with using a self-signed certificate for a “real-life” working web server is that any browser connecting to the site will not recognize the certificate authority. This means that the user will be asked to verify the certificate.
1. Create CSR:
openssl genrsa -des3 -out server.key 1024 openssl rsa -in server.key -out server.key.insecure openssl req -new -key server.key -out server.csr |
2. Create server’s Certificate:
openssl x509 -req -days 365 -in server.csr \ -signkey server.key -out server.crt |
3. Copy the right stuff in the right places:
cp server.crt /etc/ssl/certs/ cp server.key /etc/ssl/private/ |
4. Enable Apache SSL Module:
a2enmod ssl |
5. Integrate SSL configuration on your VirtualHost Configuration
(Ex: edit default enabled-site configuration file):
vim /etc/apache2/sites-enabled/000-default |
SSLEngine on SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key |
Note: Named-Based VirtualHost is not possible with SSL Enabled, see Apache Documentation.
6. Restart Apache Server:
service apache2 restart |