apache ssl setup

framework4:/# mkdir /etc/apache2/ssl
framework4:/# openssl req -new -x509 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem

Generating a 1024 bit RSA private key
....++++++
............++++++
writing new private key to '/etc/apache2/ssl/apache.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:ch
State or Province Name (full name) [Some-State]:zh
Locality Name (eg, city) []:zurich
Organization Name (eg, company) [Internet Widgits Pty Ltd]:x21.ch
Organizational Unit Name (eg, section) []:mgmt
Common Name (eg, YOUR name) []:*.x21.ch
Email Address []:z1@x21.ch

Enable the SSL module

framework4:/# cd /etc/apache2/mods-enabled/
framework4:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.load
framework4:/etc/apache2/mods-enabled# ln -s ../mods-available/ssl.conf

Create a new directory for the https:// server and add it to the Apache config:

framework4:/etc/apache2/mods-enabled# mkdir /var/www-ssl
framework4:/etc/apache2/mods-enabled# vi ../sites-enabled/000-default 

Insert the following section:

<VirtualHost *:443>
    ServerAdmin webmaster@localhost

    SSLEngine on
    SSLProtocol all
    SSLCipherSuite HIGH:MEDIUM
    SSLCertificateFile /etc/apache2/ssl/apache.pem
    
    DocumentRoot /var/www-ssl/
    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    <Directory /var/www-ssl/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ErrorLog /var/log/apache2/error-ssl.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/access-ssl.log combined

</VirtualHost>

Last but not least, restart Apache:
framework4:/etc/apache2/mods-enabled# /etc/init.d/apache2 restart
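
A quick check of what the vhost above actually enables, as an added example that is not part of the original post: a shell lint that flags the bare SSLProtocol all, the MEDIUM cipher class and the private key bundled into apache.pem. The function name, the tightened values in the second sample and the apache.crt/apache.key paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: lint the TLS directives of an Apache vhost file.
# audit_vhost FILE prints one WARN line per finding; the count is left in FINDINGS.
audit_vhost() {
    f=$1
    FINDINGS=0
    # A bare "SSLProtocol all" excludes no legacy protocol version.
    if grep -Eiq '^[[:space:]]*SSLProtocol[[:space:]]+\+?all[[:space:]]*$' "$f"; then
        echo "WARN: SSLProtocol all excludes no legacy protocol version"
        FINDINGS=$((FINDINGS + 1))
    fi
    # MEDIUM, LOW or EXP in the cipher string, unless negated with "!" or "-".
    if grep -Ei '^[[:space:]]*SSLCipherSuite[[:space:]]' "$f" |
        grep -Eiq '(^|[^!-])(MEDIUM|LOW|EXP)'; then
        echo "WARN: SSLCipherSuite admits MEDIUM/LOW/EXPORT suites"
        FINDINGS=$((FINDINGS + 1))
    fi
    # Certificate configured without a separate key file: the private key
    # sits in the certificate file, as produced by -out and -keyout above.
    if grep -Eiq '^[[:space:]]*SSLCertificateFile[[:space:]]' "$f" &&
        ! grep -Eiq '^[[:space:]]*SSLCertificateKeyFile[[:space:]]' "$f"; then
        echo "WARN: no SSLCertificateKeyFile, key is bundled with the certificate"
        FINDINGS=$((FINDINGS + 1))
    fi
    return 0
}

WEAK=$(mktemp); HARD=$(mktemp)
trap 'rm -f "$WEAK" "$HARD"' EXIT
# Constructed sample 1: the TLS directives from the vhost on this page.
cat > "$WEAK" <<'EOF'
    SSLEngine on
    SSLProtocol all
    SSLCipherSuite HIGH:MEDIUM
    SSLCertificateFile /etc/apache2/ssl/apache.pem
EOF
# Constructed sample 2: tightened values (assumed: a build that supports
# TLS 1.2; the .crt/.key paths are hypothetical).
cat > "$HARD" <<'EOF'
    SSLEngine on
    SSLProtocol -all +TLSv1.2
    SSLCipherSuite HIGH:!aNULL:!MD5
    SSLCertificateFile /etc/apache2/ssl/apache.crt
    SSLCertificateKeyFile /etc/apache2/ssl/apache.key
EOF
audit_vhost "$WEAK"
audit_vhost "$HARD"
```

Run against the real file, the call would be audit_vhost /etc/apache2/sites-enabled/000-default; a bundled key file should at least be readable by root only.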
