Httpd SSL Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
No edit summary
Line 25: Line 25:


By default, this ends up installing mod_ssl.so in <tt>/etc/httpd/modules</tt>. It also creates the default SSL configuration file ssl.conf  in <tt>/etc/httpd/conf.d</tt>.
By default, this ends up installing mod_ssl.so in <tt>/etc/httpd/modules</tt>. It also creates the default SSL configuration file ssl.conf  in <tt>/etc/httpd/conf.d</tt>.
==Include ssl.conf==
Usually the main httpd.conf configuration file contains an "include all conf.d" line:
<pre>
IncludeOptional conf.d/*.conf
</pre>
which should take care of ssl.conf inclusion.
If not present, explicitly add:
<pre>
Include conf.d/ssl.conf
</pre>

Revision as of 18:40, 6 January 2016

External

Internal


Overview

In order to protect a web site with SSL, you will need to make sure mod_ssl is available and functional, then create a virtual host that listens on port different from the non-SSL protected sites (usually 443), turn the SSLEngine on for that virtual host, and specify the paths to the certificate and the private key.

Procedure

Install mod_ssl and openssl

yum install mod_ssl
yum install openssl

By default, this ends up installing mod_ssl.so in /etc/httpd/modules. It also creates the default SSL configuration file ssl.conf in /etc/httpd/conf.d.

Include ssl.conf

Usually the main httpd.conf configuration file contains an "include all conf.d" line:

IncludeOptional conf.d/*.conf

which should take care of ssl.conf inclusion.

If not present, explicitly add:

Include conf.d/ssl.conf