Friday, 23 January 2015

OEL Apache SSL

Setting up SSL, with Apache.

On a redhad based distro, we will need

  • apache (httpd)
  • mod_ssl

Getting httpd and mod_ssl 

yum install httpd mod_ssl

Creating Self Signed Certificate

cd /var/www/; openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout mysitename.key -out mysitename.crt
Generating a 2048 bit RSA private key

writing new private key to 'mysitename.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:

Setting up Apache

if you dont know where your httpd.conf file is. 
locate httpd.conf

go to the directory, or edit the file.
vim /etc/httpd/conf/httpd.conf

php_admin_value engine Off
    ServerAdmin mrAwesomeVic
    DocumentRoot /var/www/html/TeamPass-2.1.22
    ErrorLog logs/test.bjorn.custom-error_log
    CustomLog logs/test.bjorn.access_log common

    SSLEngine on
    SSLCertificateFile /var/www/mysitename.crt
    SSLCertificateKeyFile /var/www/mysitename.key
#    SSLCertificateChainFile /var/www/intermediate.crt #this is only used if you have a certificate chain

   RewriteEngine on
   ReWriteCond %{SERVER_PORT} !^443$
   RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]

   RewriteEngine on
   ReWriteCond %{SERVER_PORT} !^443$
   RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]

What I used for the self signed certs