|
|
The Apache HTTP Server module mod_ssl provides an interface to the OpenSSL library, which provides Strong Encryption using the Secure Sockets Layer and Transport Layer Security protocols. What is Secure Sockets Layer (SSL)?The Secure Sockets Layer protocol is a protocol layer which may be placed between a reliable connection-oriented network layer protocol (e.g. TCP/IP) and the application protocol layer (e.g. HTTP). SSL provides for secure communication between client and server by allowing mutual authentication, the use of digital signatures for integrity and encryption for privacy. The protocol is designed to support a range of choices for specific algorithms used for cryptography, digests and signatures. This allows algorithm selection for specific servers to be made based on legal, export or other concerns and also enables the protocol to take advantage of new algorithms. Choices are negotiated between client and server when establishing a protocol session. Steps to Install an SSL Certificate on ApacheStep 1: Obtain an SSL CertificateRetrieve and unzip the contents of the compressed folder provided by your Certificate Authority (CA) to obtain the following files:
Step 2: Install OpenSSLOpenSSL is required to generate private keys and Certificate Signing Requests (CSRs). On Ubuntu/Debian: sudo apt-get update
sudo apt-get install openssl
On CentOS/RHEL: sudo yum install openssl
Step 3: Install ApacheIf Apache is not already installed, you can install it using the package manager. On Ubuntu/Debian: sudo apt-get install apache2
On CentOS/RHEL: sudo yum install httpd
Step 4: Create a Directory to Store the SSL Certificate and KeyCreate a directory to store your SSL certificate and key files. sudo mkdir /etc/apache2/ssl
Step 5: Copy SSL Certificate FilesPlace your SSL certificate and key files in the directory you created. The main config file is typically called httpd.conf or apache2.conf and located via /etc/httpd or /etc/apache2/. Note: The SSL config file can be in a <VirtualHost> block in another config file. You can always search for the SSL conf file on Linux distributions using this grep command: grep -i -r “SSLCertificateFile” /etc/httpd/
Step 6: Configure Apache to Use the SSL CertificateConfigure the httpd.conf file and enter the following commands on your VirtualHost to successfully enable SSL: On Ubuntu/Debian: sudo nano /etc/apache2/sites-available/https.conf
On CentOS/RHEL: sudo nano /etc/httpd/conf.d/httpd.conf
Add or update the following lines with the paths to your certificate files: <VirtualHost 192.168.0.1:443>
DocumentRoot /var/www/html2
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/cabundle.crt
</VirtualHost>
Where:
Note: If you need the site to load via https and http, create another virtual host for http. You can simply copy the existing config file before making any during this step. Step 7: Enable the SSL Site and Restart ApacheOn Ubuntu/Debian: Enable the SSL module and the default SSL site configuration: sudo a2enmod ssl
sudo a2ensite default-ssl.conf
sudo systemctl restart apache2
On CentOS/RHEL: Restart Apache to apply the changes: sudo systemctl restart httpd
Step 8: Test SSL ConfigurationTo verify your work, please access your website through your browser at https://yourdomain.com and review the certificate/site details to ensure that HTTPS/SSL is functioning correctly. curl -I https://your_domain.com
Note: You might have to restart your server for the changes to be applied. |
Reffered: https://www.geeksforgeeks.org
| Web Technologies |
Type: | Geek |
Category: | Coding |
Sub Category: | Tutorial |
Uploaded by: | Admin |
Views: | 18 |