On our previous article we have seen how to create a SSL certificate. If you have missed visit creating SSL Certificate
In this article we will be seeing how to install the SSL Certificate on our Apache web browser to secure our site.
In direct installation of httpd the modules should be configured seperately, the default installation allows your web server to run in 80(http) port. To enable https we need to install module and mention the certificate path on the conf.
mod_ssl is an Apache module that provides SSL v2/v3 and TLS support for the Apache HTTP Server.
To install mod_ssl run the below command,
$ yum install mod_ssl
The above command will install all necessary packages and files for enabling SSL on httpd.
Configuring mod_ssl:
The location of SSL configuration file is /etc/httpd/conf.d/ssl.conf where you will be mentioning your certificate path.
jhony@ljunix~$ ls /etc/httpd/certs/
ljunix.crt ljunix.csr ljunix.key
Your ssl.conf will have the servername and the location of the certificate,
<virtualhost _default_:443>
# General setup for the virtual host, inherited from global configuration
#DocumentRoot "/var/www/html"
#ServerName www.ljunix.com:443
# Use separate log files for the SSL virtual host; note that LogLevel
# is not inherited from httpd.conf.
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/httpd/certs/ljunix.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/httpd/certs/ljunix.key
By default all the conf files under conf.d directory are included on the httpd.conf.
IncludeOptional conf.d/*.conf
Restart the Apache HTTP Server:
Restart your httpd server to take the changes effect.
Comments