- Create a random data file
cat /dev/random > randomfile - Create key pair
openssl genrsa -des3 -out server.key -rand randomfile - Sign the created Public Key and create a digital certificate
openssl req -new -x509 -key server.key -out server.crt
Answer the questions posed and then copy the Public Key and digital certificate into appropriate directories:
server.key --> /etc/apache2/ssl.key/
server.crt --> /etc/apache2/ssl.crt/ - Configure Apache to use OpenSSL
Edit the /etc/sysconfig/apache2 file
APACHE_START_TIMEOUT="10" - the httpd start time out
APACHE_SERVER_FLAGS="SSL" - Configure the main site to use HTTPS
Edit the /etc/apache2/default-server.conf file and add the following directives from the /etc/apache2/vhost.d/vhost-ssl.template file
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key - Configure a Virtual Host to use HTTPS
- Follow steps 1 to 3 to create the key and digital certificate
- Edit the /etc/apaches2/vhost.d/
.conf file - Change VirtualHost :80 to VirtualHost *:443
- Append the ServerName directive with 443 e.g. vhost.mydomain.lan to vhost.mydomain.lan:443
DistroWatch Weekly, Issue 1105
-
The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. This week
in DistroWatch Weekly:
Review: CentOS 10 Stream
News: Haiku ports Iceweasel, Ora...
2 days ago