Apache2

From Briki
Revision as of 14:02, 20 June 2006 by Andrew (talk) (SSL)
Jump to: navigation, search

SSL

  • a2enmod ssl (this just does: ln -s /etc/apache2/mods-available/ssl* /etc/apache2/mods-enabled)
  • a2enmod rewrite
  • a2enmod suexec
  • a2enmod include
  • Edit ports.conf and add Listen 443
  • Edit sites-available/default and change the lines to look as follows:
NameVirtualHost *:80
<VirtualHost *:80>
...
  • Copy sites-available/default to sites-available/ssl and change the above lines to look like:
NameVirtualHost *:443
<VirtualHost *:443>
        SSLEngine On

        #   Server Certificate:
        #   Point SSLCertificateFile at a PEM encoded certificate.  If
        #   the certificate is encrypted, then you will be prompted for a
        #   pass phrase.  Note that a kill -HUP will prompt again.  Keep
        #   in mind that if you have both an RSA and a DSA certificate you
        #   can configure both in parallel (to also allow the use of DSA
        #   ciphers, etc.)
        SSLCertificateFile /etc/apache2/ssl/bretts_org.crt

        #   Server Private Key:
        #   If the key is not combined with the certificate, use this
        #   directive to point at the key file.  Keep in mind that if
        #   you've both a RSA and a DSA private key you can configure
        #   both in parallel (to also allow the use of DSA ciphers, etc.)
        SSLCertificateKeyFile /etc/apache2/ssl/server.pem
...
  • ln -s /etc/apache2/sites-available/ssl /etc/apache2/sites-enabled/001-ssl
  • /etc/init.d/apache2 force-reload