Solved

How do I Configure or Setup Apache SSl Configuration

Posted on 2006-07-03
7
250 Views
Last Modified: 2013-11-29
How do i create ssl certifacate and sign it  and have jdcamp.org come up as https://jdcamp.org by default  or if someone types http://jdcamp.org automaticly switch to https://jdcamp.org
0
Comment
Question by:jcw20
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
7 Comments
 
LVL 1

Author Comment

by:jcw20
ID: 17033211
NameVirtualHost 10.10.10.4:80
NameVirtualHost  10.10.10.4:443
<VirtualHost 10.10.10.4:80>
ServerAdmin jessewhittington@hotmail.com
ServerName  www.jdcamp.org
DocumenRoot /var/www/html/jdcamp
CustomLog  /var/www/hml/jdcamp/logs/access-log comen
ErrorLog       /var/www/hml/jdcamp/logs/error-log comen
</VirtualHost>
0
 
LVL 23

Expert Comment

by:rama_krishna580
ID: 17061798
Hi,

Setting up SSL Certificates on Apache
http://www.flatmtn.com/computer/Linux-SSLCertificatesApache.html

R.K
0
 
LVL 1

Author Comment

by:jcw20
ID: 17116320
need more help
0
 
LVL 10

Accepted Solution

by:
PSSUser earned 500 total points
ID: 17245208
Given the directory names I assume this is on Linux and that openssl is installed
Change to the directory where the certificate files are going to be stored.

Generate the private key for the request:
  openssl genrsa -des3 1024 > private.key
Enter and verify the passphrase

Generate the Request:
openssl req -new -key private.key > request.csr

Enter the passphrase as above and then enter the other details as prompted.
Country Code - uses iso 2 letter codes.
State or Province - State in US or County in GB
Locality - City/town
Organization - Company name/your name
Organizational Unit - can leave this blank unless you have a particular need for it.
Common name - the domain name of the server (www.jdcamp.org).
email address -  can leave blank
Challenge Password - what ever you want
Optional Company Name - again can leave blank
It's best if this information ties in with who the domain is registered to (if you are getting a proper certificate through a CA [Certificate Authority] e.g. verisign). If not then the CA will probably send an authorisation form through that needs signing by the company owning the domain stating they give permission to the company/person registering the certificate to run a site on their behalf.

Now register for the certificate with the CA selecting server type Apache.
When the certificate is returned you just to to save the certificate to file (including the begin and end markers) e.g. certificate.crt

For testing you can creating a self signed certificate

Change to the directory where the certificate files are stored.
  openssl req -x509 -key private.key -in request.csr > selfcert.crt

If you are getting a CA certificate you may need to download a intermediate file, but their support/faq section should detail this.

Using the cert in the apache config
Make sure you're listening on the default https port as well as http
Listen 10.10.10.4:80
Listen 10.10.10.4:443
Make sure mod_ssl is loaded
LoadModule ssl_module modules/mod_ssl.so
Make a VirtualHost container for SSL access (it can include otehr directives as necessary this is just the bear bones)
<VirtualHost 10.10.10.4:443>
  SSLEngine on
  SSLCertificateFile /certificatedir/selfsign.crt
  SSLCertificateKeyFile /certificatedir/private.key
#  SSLCACertificateFile /certificatedir/intermediate.crt  #This is needed only if you are buying a certificate and the CA requires it, for self signed it's not needed
</VirtualHost>

As I said this is bear bones for more details on other SSL directives look at
http://httpd.apache.org/docs/2.0/mod/mod_ssl.html
0
 
LVL 10

Expert Comment

by:PSSUser
ID: 17245250
Sorry just realised I didn't answer your other question about default SSL.

One way is to have
<VirtualHost 10.10.10.4:80>
  Redirect 301 / https://jdcamp.org
</VirtualHost>

The virtual host means it only applies to connections comming in on port 80. The Redirect 301 code means permanent move/redirect. The / means any url and obviously the https://jdcamp.org is where to.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read about how to choose the best possible content marketing agency to suit your needs. Content marketing has become an integral part of running a successful tech business, so it is wise to be informed.
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question