Friday, 23 January 2015

OEL Apache SSL

Setting up SSL, with Apache.

On a redhad based distro, we will need

  • apache (httpd)
  • mod_ssl

Getting httpd and mod_ssl 

yum install httpd mod_ssl

Creating Self Signed Certificate

Run:
cd /var/www/; openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout mysitename.key -out mysitename.crt
Generating a 2048 bit RSA private key

results:
writing new private key to 'mysitename.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:

Setting up Apache

if you dont know where your httpd.conf file is. 
locate httpd.conf

go to the directory, or edit the file.
vim /etc/httpd/conf/httpd.conf


php_admin_value engine Off
    ServerAdmin mrAwesomeVic
    DocumentRoot /var/www/html/TeamPass-2.1.22
    ErrorLog logs/test.bjorn.custom-error_log
    CustomLog logs/test.bjorn.access_log common

    SSLEngine on
    SSLCertificateFile /var/www/mysitename.crt
    SSLCertificateKeyFile /var/www/mysitename.key
#    SSLCertificateChainFile /var/www/intermediate.crt #this is only used if you have a certificate chain




   RewriteEngine on
   ReWriteCond %{SERVER_PORT} !^443$
   RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]



   RewriteEngine on
   ReWriteCond %{SERVER_PORT} !^443$
   RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]

What I used for the self signed certs




#bearMan