I needed to setup SSL to increase login security for various web apps I’m running on my server. Luckily I found a good tutorial here. Here’s the process in a nutshell:
Make a new directory to store your certificate:
mkdir /etc/apache2/ssl
Now generate a certificate using the make ssl cert wizard.
make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
add the following under Listen 80 /etc/apache2/ports.conf
Listen 443
Copy /etc/apache2/sites-available/default to /etc/apache2/sites-available/ssl
cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
In /etc/apache2/sites-available/default make the following changes:
NameVirtualHost *:80
(<)VirtualHost *:80(>)
...
(<)/VirtualHost(>)
and in /etc/apache2/sites-available/ssl
NameVirtualHost *:443
(<)VirtualHost *:443(>)
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
(<)/VirtualHost(>)
Now create a link from your available ssl directive file to your enabled directive.
ln -s /etc/apache2/sites-available/ssl /etc/apache2/sites-enabled/000-ssl
and for the module.
ln -s /etc/apache2/mods-available/ssl.* /etc/apache2/mods-enabled/
Restart apache and verify it works by browsing to any page on your server and putting https:// infront of it.
/etc/init.d/apache2 restart
This should have worked and you should now have a working unsigned SSL certificate using AES 256 bit encryption. This is not something you really want to setup if customers are going to be using it. For customers you really want to get a signed certificate from verisign (or elsewhere), if not visitors will be prompted to trust the certificate or not.
Related posts: