Tuesday, May 6, 2008

How to run an SSL HTTPS with Debian Etch and Apache2

I'll describe how I start an SSL Https server with Debian Etch and Apache2

First install apaceh2 with the following command:

apt-get install apache2

Second install openssl

apt-get install openssl ssl-cert

then generate an SSL key ( following command in one line )

openssl req $@ -new -x509 -days 3650 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem

This will complete the certificate now you need to make sure you have the correct permissions for .pem file if not use the following command to set the correct permissions

chmod 600 /etc/apache2/apache.pem

add the folowing line to /etc/apache2/ports.conf

Listen 443

If you want to enable SSL support for your apache web server you need to use the following command

a2enmod ssl

Configuring SSL Certificate to Virtual Hosts in Apache2
First you need to edit the /etc/apache2/sites-available/default file change
NameVirtualHost *to

NameVirtualHost *:80
NameVirtualHost *:443

my /etc/apache2/sites-available/default file is something like this:

NameVirtualHost *:443

ServerAdmin info@blabla.com
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
DocumentRoot /var/www/
LogLevel warn
CustomLog /var/log/apache2/access.log combined

Options FollowSymLinks
AllowOverride None

Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all

Note1: Server name must be the same with the name given in certification file
Note2: I by my self only use SSL if you want normal HTTP you must also add "NameVirtualHost *:80" in config file.

No comments: