Solved

Enable commerical digital certificate on Apache

Posted on 2011-02-20
2
352 Views
Last Modified: 2013-12-06
Any idea how to generate and CSR on Apache Red Hat and import the digital certificate on it in order to enable https access ?

Thanks
0
Comment
Question by:AXISHK
2 Comments
 
LVL 2

Accepted Solution

by:
joshopkins earned 500 total points
ID: 34937781
to gen the cert us

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

Once you have the csr generated you need to submit it to a certificate authority (i.e. digicert.com, godaddy.com, versign.com, thawt.com).  After the cert has been issued to you the apache ssl conf file will need to be updated.  The location and name of this file can vary from server to server -- Especially if you use a special interface to manage your server configuration.

Apache configuration files are typically found in /etc/httpd. The main configuration file is usually named httpd.conf. In some cases the <VirtualHost> blocks will be at the bottom of this httpd.conf file. Sometimes you will find the <VirtualHost> blocks in their own files under a directory like /etc/httpd/vhosts.d/ or /etc/httpd/sites/ or in a file called ssl.conf.

If you need your site to be accessible through both secure (https) and non-secure (http) connections, you will need a virtual host for each type of connection.

An Example would be:

<VirtualHost 192.168.0.1:443>
DocumentRoot /var/www/html2
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>

Adjust the file names to match your certificate files:

    * SSLCertificateFile should be your DigiCert certificate file (eg. your_domain_name.crt).
    * SSLCertificateKeyFile should be the key file generated when you created the CSR.
    * SSLCertificateChainFile should be the DigiCert intermediate certificate file (DigiCertCA.crt)

      If the SSLCertificateChainFile directive does not work, try using the SSLCACertificateFile directive instead.
0
 

Author Closing Comment

by:AXISHK
ID: 35063974
Tks
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Users are often faced with high disk consumption without really knowing where the largest amount of data resides. Disk Usage Analyzer (aka Baobab) is is a graphical, menu-driven application to analyse disk usage in any Gnome environment and can e…
If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it. If you've already tried to change it you've probably discovered that none of the old met…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now