Contact Sales Sitemap Customer Login

Enable SSL on Apache2

It took me some time to get SSL up and running on my Ubuntu box with Apache 2. There are a lot of pages that are wrong out there, but this one was pretty useful:

https://help.ubuntu.com/community/forum/server/apache2/SSL

These are the steps I took, based on the above link and many, many other web pages, plus time monkeying about with this. I am not an expert on this by any means, but these steps worked for me.

1. Get a certificate (beyond the scope of this guide, but a google search should help you--takes a few minutes only). Be sure to keep the intermediate files (.key and .csr) that you create in this step.

2. Upload the certificate files you get from the server company to anywhere on your server.

3. sudo a2enmod ssl

4. Note that you do not have to edit your ports.conf file because it already contains Listen 443

5. Edit /etc/apache2/mods-enabled/ssl.conf (which was moved from mods-available/ssl.conf, along with ssl.load, by the a2enmod ssl command I think. You can move them manually if you like, but I don't know if a2enmod ssl does other tasks as well.): 

NameVirtualHost [your IP address]:443
< VirtualHost [your IP address]:443>
       ServerSignature On
       SSLCertificateFile    /path/to/the/certificate/from/your/certificate/company/apache.crt
       SSLCertificateKeyFile /path/to/the/file/created/in/step/1.key [can be a .pem file too I think]
       SSLCertificateChainFile /path/to/intermediate/cert.crt [optional, only if yout certificate compay provides you with one]
      SSLEngine On
</VirtualHost >

6. Now you can set up the site you want to run using SSL as you normally would. For example, you might have a file called 'mysite.conf' in /etc/apache2/sites-enabled, and you might add this to it: 

<VirtualHost [your ip]:443>
 ServerName mysite.com:443
 ServerAlias www.mysite.com
 DocumentRoot /path/to/www/root/for/ssl/site
</VirtualHost>

7. To run a non-ssl site, you might have this entry in the same mysite.conf file: 

<VirtualHost *:80>
 ServerName mysite.com
 ServerAlias *.mysite.com
 DocumentRoot /path/to/normal/site
</VirtualHost>

Note: You can also put the line NameVirtualHost [your IP address]:443 from step 5 into /etc/apache2/apache2.conf for clarity.



8. Restart apache, and your site should work

Retrieved from "http://wiki.vpslink.com/Enable_SSL_on_Apache2"

Copyright © 2010 VPSLink, a subsidiary of Spry

Recent Changes | RSS RSS Feed