twitter
    !! Tell us what you want to Learn / Know !!

Configuring SSL in Apache

Print Friendly and PDFPrintPrint Friendly and PDFPDF
Posted by Surendra on Monday, December 31, 2012 Labels: , ,

Secure Socket Layer (SSL) is a cryptographic protocol that provides communication security over internet.

Open a command prompt and switch to the directory that contains OpenSSL (D:\surendra\Apache2\bin\, in my case). 
In the example commands below I've used the name surendra. Feel free to replace that with anything you like.

To create a new certificate request type the following:


You'll be prompted to answer a bunch of questions, the answers to which can all be left blank except for:

PEM pass phrase: 
       This is the password associated with the private key (surendra.pem) that you're generating. This will only be used in the next step, so make it anything you like, but don't forget it.

Common Name: 
        This should be the fully-qualified domain name associated with this certificate. I was creating a certificate for a site on my local machine which I browsed to via www.samplesite.com, so I just entered www.samplesite.com.



When the command completes you should have a two files called surendra.csr and surendra.pem in your folder.

Now we need to create a non-password protected key for Apache to use:



You'll be prompted for the password that you created above, after which a file called surendra.key should appear in your folder.



Finally, we need to create an X.509 certificate, which Apache also requires:


And that's it - you now have a self-signed certificate that Apache can use to enable SSL. I chose to move the required files from D:\surendra\Apache2\bin\ to D:\surendra\Apache2\conf\ssl\, but you can put them anywhere as you'll be pointing to them in your Apache config files.

Open your httpd.conf file (which for me is in D:\surendra\Apache2\conf\) and uncomment (remove the # sign) the following lines:

#LoadModule ssl_module modules/mod_ssl.so

#Include conf/extra/httpd-ssl.conf

Open your httpd-ssl.conf file (which for me is in D:\surendra\Apache2\conf\extra\) and update the following lines.

Original lines
Modified Lines
SSLCertificateFile "D:/surendra/Apache2/conf/server.cert"
SSLCertificateFile "D:/surendra/Apache2/conf/ssl/surendra.cert"
SSLCertificateKeyFile "D:/surendra/Apache2/conf/server.key"
SSLCertificateKeyFile "D:/surendra/Apache2/conf/ssl/surendra.key"

Restart Apache and browse to https://localhost/. You're now accessing your Apache server over SSL!




0 comments:

Post a Comment