How do I Configure or Setup Apache SSl Configuration

Posted on 2006-07-03
Medium Priority
Last Modified: 2013-11-29
How do i create ssl certifacate and sign it  and have jdcamp.org come up as https://jdcamp.org by default  or if someone types http://jdcamp.org automaticly switch to https://jdcamp.org
Question by:jcw20
  • 2
  • 2

Author Comment

ID: 17033211
ServerAdmin jessewhittington@hotmail.com
ServerName  www.jdcamp.org
DocumenRoot /var/www/html/jdcamp
CustomLog  /var/www/hml/jdcamp/logs/access-log comen
ErrorLog       /var/www/hml/jdcamp/logs/error-log comen
LVL 23

Expert Comment

ID: 17061798

Setting up SSL Certificates on Apache


Author Comment

ID: 17116320
need more help
LVL 10

Accepted Solution

PSSUser earned 2000 total points
ID: 17245208
Given the directory names I assume this is on Linux and that openssl is installed
Change to the directory where the certificate files are going to be stored.

Generate the private key for the request:
  openssl genrsa -des3 1024 > private.key
Enter and verify the passphrase

Generate the Request:
openssl req -new -key private.key > request.csr

Enter the passphrase as above and then enter the other details as prompted.
Country Code - uses iso 2 letter codes.
State or Province - State in US or County in GB
Locality - City/town
Organization - Company name/your name
Organizational Unit - can leave this blank unless you have a particular need for it.
Common name - the domain name of the server (www.jdcamp.org).
email address -  can leave blank
Challenge Password - what ever you want
Optional Company Name - again can leave blank
It's best if this information ties in with who the domain is registered to (if you are getting a proper certificate through a CA [Certificate Authority] e.g. verisign). If not then the CA will probably send an authorisation form through that needs signing by the company owning the domain stating they give permission to the company/person registering the certificate to run a site on their behalf.

Now register for the certificate with the CA selecting server type Apache.
When the certificate is returned you just to to save the certificate to file (including the begin and end markers) e.g. certificate.crt

For testing you can creating a self signed certificate

Change to the directory where the certificate files are stored.
  openssl req -x509 -key private.key -in request.csr > selfcert.crt

If you are getting a CA certificate you may need to download a intermediate file, but their support/faq section should detail this.

Using the cert in the apache config
Make sure you're listening on the default https port as well as http
Make sure mod_ssl is loaded
LoadModule ssl_module modules/mod_ssl.so
Make a VirtualHost container for SSL access (it can include otehr directives as necessary this is just the bear bones)
  SSLEngine on
  SSLCertificateFile /certificatedir/selfsign.crt
  SSLCertificateKeyFile /certificatedir/private.key
#  SSLCACertificateFile /certificatedir/intermediate.crt  #This is needed only if you are buying a certificate and the CA requires it, for self signed it's not needed

As I said this is bear bones for more details on other SSL directives look at
LVL 10

Expert Comment

ID: 17245250
Sorry just realised I didn't answer your other question about default SSL.

One way is to have
  Redirect 301 / https://jdcamp.org

The virtual host means it only applies to connections comming in on port 80. The Redirect 301 code means permanent move/redirect. The / means any url and obviously the https://jdcamp.org is where to.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Ranking ecommerce websites is a vital process. You need to have a strong SEO (Search Engine Optimization) strategy. If you don’t have one, you are losing out on brand impressions, clicks and sales. Check this guide on how to improve website traffic …
The title says it all. Writing any type of PHP Application or API code that provides high throughput, while under a heavy load, seems to be an arcane art form (Black Magic). This article aims to provide some general guidelines for producing this typ…
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
Suggested Courses

586 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question