Uncategorized

SSL for Apache2 [by celiawessen]

Apache 2 for Redhat Linux:: SSL for Apache2
Traditionally, when using SSL with Apache, one had to configure Apache with modSSL and/or OpenSSL before make.

The modSSL project does not officially support Apache2. Therefore, you'll have to live with the Redhat distro. The RedHat 8 RPM distros of Apache2 is already compiled with a special build of modSSL, so I recommend using those. Also, to be safe, get the Redhat distro for openSSL – not from the openSSL project.

Install the packages if you haven't yet:



rpm 
-ivh httpd-[i]nn[/i].rpm

rpm 
-ivh openssl-[i]nn[/i].rpm

Now you need to:
1. Create public RSA key
2. Create a certificate request (CSR)
3. Create a dummy certificate to test site
4. Install official CA certificate once received

All of this can be found HERE.

Just in case they erase the page, here are some notes:



openssl genrsa 
-des3 -out filename.key 1024

openssl req 
-new -key filename.key -out filename.csr

openssl req 
-new -key filename.key -x509 -out filename.crt

When you installed openSSL, it had created an Apache ssl.conf file in the /etc/httpd/conf.d directory. This is where all default SSL virtualhost info is saved, but you must go into each virtualhosts' respective conf files and configure them for SSL.



<VirtualHost 192.168.1.1:443>

.
the

.usual

.stuff

[b]SSLEngine on

SSLCertificateFile 
/etc/httpd/conf/ssl.crt/server.crt

SSLCertificateKeyFile 
/etc/httpd/conf/ssl.key/server.key[/b]

<
Directory "/var/www/html/shop/">

[
b]    SSLOptions +StdEnvVars[/b]

</
Directory>

.
more

.regular

.stuff