HTTP secured, that is what we commonly hear about https. What does it brings in … A secure communication for the client as well as an assurance that the server is actually what it claims to be. HTTPs is not generally a protocol by itself, it is actually layering http upon SSL, simplly encrypting the http traffic.
In this post, I will be explaining how to enable https on an apache web server running on a linux host. I am expecting that you already have apache and SSL configured in your system. So lets begin….
1.Activate SSL module
Apache is shipped with SSL module disabled. Hence we have to manually enable it. The following command can be used to enable SSL in apache.
sudo a2enmod ssl
2.Create a self signed SSL Certificate
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
The x509 command is a multi purpose certificate utility. It can be used to display certificate information, convert certificates to various forms, sign certificate requests like a “mini CA” or edit certificate trust settings.
-nodes is used to specifie no passphrase should be used. If you use a passphrase, you will have to enter it whenever you restart your server.
3.Update SSL config file
sudo vim /etc/apache2/sites-available/default
Make the following modifications in the file
- Change the port on the virtual host to 443
- Add your server name below the Server Admin email
- Replace localhost with the domain name, if a domain name was given in “Common Name” above
- Add SSL configurations to the file
SSLEngine on SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key
4. Activate the new Virtual Host
sudo a2ensite default
Restart apache for the changes to take effect
sudo /etc/init.d/apache2 restart
That is it…. HTTPS is configured in your web server with a self signed certificate.
NB:- It is always preferable to get the certificate signed by an authorized CA. Some browsers deny access for untrusted certificates.