HTTPS for Apache web server

Normally the Apache web server listens to Port 80 which is the HTTP port. If you want to make a secure web site which may be verified by an external signature then you will need HTTSP. For this SSL connection you will use port 443. For Apache you can configure the HTTPS protocol the following way.

Create a certificate

For a trusted connection you need a certificate. You can create your own certificates, but if you want to guarantee the authenticity of a HTTPS source you have to get the certificate from a external trusted source. This can be expensive. If you search for a vendor you may find VeriSign. I will not recommend this vendor, it is only an example.

We do not want to buy a certificate. We want to create our own one. But remember, this certificate may not be trusted by browsers.

First we create a new directory to put all Apache2 SSL things into it:

With the openssl command we create two files. A vhost1.key file with a key and a vhost1.crt with the certificate. The data of the files depends mostly on the parameter you can set.

Configuration

The configuration itself is quite simple if you already have a certificate. The only thing is to change the port of our virtual server to port 443. For this we configure the file of our site in the sites-avaliabel Apache2 directory. The newly created or changed lines may look like these (this is my example configuration):

The last lines are important. Here we activate the SSLEngine and define the paths to the key file and the certificate file.

After an Apache2 restart the HTTPS protocol should work.

Problems

If something does not work as expected it is possible that the Apache2 restart does not work. I got a ‘Configtest failed’ exception. For this error we need to activate some Apache2 modules:

You need mod_rewrite and mod_ssl. Then everything should work fine.

(Visited 773 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *