LinuxQuestions.org
Old 01-11-2007, 09:14 AM   #1
waelaltaqi
Member
 
Registered: Sep 2005
Location: USA, TN
Distribution: CentOS & Ubuntu for Desktop
Posts: 454

Need Advice from Apache admins


I recently became interested in learning Apache. This is a huge subject and what you want to learn from Apache depends on what you want Apache to do. I tried reading a couple of sites trying to get myself started but to be honest, it was quite complicated. What is the best beginner's reference out there? I would like to learn the basics so I would be able to read some more advanced references in the future.

thank you.

Wael
 
Old 01-11-2007, 09:56 AM   #2
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

I found the best way to learn Apache is to just install it and configure it. Set up a small internal web server, play with configurations and read the docs and what each module does from the httpd.apache.org website.

O'Reilly makes some great books as well if you need a hard copy of something to refer to.
 
Old 01-11-2007, 10:38 AM   #3
waelaltaqi
Member
 
Registered: Sep 2005
Location: USA, TN
Distribution: CentOS & Ubuntu for Desktop
Posts: 454

Original Poster
SquirrelMail over SSL

Let me explain the background here. Currently, I have a SquirrelMail/Qmail combo working great. As you know, SquirrelMail runs HTTP by default, but I hate for my password to go unencrypted every time I log in. Basically, I wanted to make SquirrelMail work over HTTPS. I set up Drupal before on IIS, but since I started not liking Windows servers that much, I liked the idea of putting a Drupal site on Apache/msql. You might be right; probably I should work on the httpd.conf file for a week or so and see how it goes. GOOGLE works too!

Last edited by waelaltaqi; 01-11-2007 at 10:40 AM.
 
Old 01-12-2007, 01:18 AM   #4
poweredbydodge
Member
 
Registered: Oct 2006
Location: Buffalo, NY
Distribution: Servers: Scientific Linux 5.x // Desktops: Fedora Core (latest)
Posts: 110

you'll have to have ssl / modssl installed in order to run https -- then make a self-signed certificate (assuming you know your way around ssl).

then you'll have to set up a virtual https domain within apache's httpd.conf in order to enable /var/www/my-squirrel-mail-stuff directory to be served as secure.

for your reference, here is my httpd.conf -- after heavy editing from the default one.

# -- BEGIN --

#############################################################################
# Pentiumslayer1.SpinelliCreations.com, pissing on your internet since 1981.#
#############################################################################

ServerRoot "/etc/httpd"
PidFile run/httpd.pid

Timeout 120
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15

# Client-Process Regulation

<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>

<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>

# Ports

Listen *:80

# Modules

LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
# LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so

#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule asis_module modules/mod_asis.so

#
# If you wish httpd to run as a different user or group, you must run

User apache
Group apache

# Declarations and Config

ServerAdmin postmaster@spinellicreations.com

ServerName spinellicreations.com:80

UseCanonicalName Off

DocumentRoot "/mnt/s1_shared/apache_pages"

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

<Directory "/mnt/s1_shared/apache_pages">
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Order allow,deny
Allow from all
Options +Includes
AddType text/html .shtml
AddHandler server-parsed .shtml
</Directory>

<Directory "/mnt/s1_shared/apache_pages/blog/up">
Options Indexes FollowSymLinks
AuthType Basic
Authname "SC Blog - Oz - Upload"
AuthUserFile [OMITTED FOR PROTECTION]
Require user [OMITTED FOR PROTECTION]
</Directory>

<Directory "/mnt/s1_shared/apache_pages/latenight/up">
Options Indexes FollowSymLinks
AuthType Basic
Authname "SC Blog - LateNight - Upload"
AuthUserFile [OMITTED FOR PROTECTION]
Require user [OMITTED FOR PROTECTION]
</Directory>

<Directory "/mnt/s1_shared/apache_pages/temp">
Options Indexes FollowSymLinks
AuthType Basic
Authname "SC Temp Files - Authorized Access Only"
AuthUserFile [OMITTED FOR PROTECTION]
Require user [OMITTED FOR PROTECTION]
Require user [OMITTED FOR PROTECTION]
</Directory>

#<IfModule mod_userdir.c>
#
# UserDir is disabled by default since it can confirm the presence
# of a username on the system (depending on home directory
# permissions).
#
# UserDir disable

#
# To enable requests to /~user/ to serve the user's public_html
# directory, remove the "UserDir disable" line above, and uncomment
# the following line instead:
#
#UserDir public_html

#</IfModule>

DirectoryIndex index.html index.html.var index.php index.shtml

AccessFileName .htaccess

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

TypesConfig /etc/mime.types

DefaultType text/plain

<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off

# EnableMMAP off
# EnableSendfile off

ErrorLog logs/error_log

LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# "combinedio" includes actual counts of actual bytes received (%I) and sent (%O); this
# requires the mod_logio module to be loaded.
# LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
# CustomLog logs/access_log common
# CustomLog logs/referer_log referer
# CustomLog logs/agent_log agent
CustomLog logs/access_log combined

ServerSignature On

# Aliases


#Icons

Alias /icons/ "/mnt/s1_shared/apache_pages/icons/"
Alias /icons "/mnt/s1_shared/apache_pages/icons"

#CSS

Alias /style/ "/mnt/s1_shared/apache_pages/style/"
Alias /style "/mnt/s1_shared/apache_pages/style"

#COPYRIGHT

Alias /notice/ "/mnt/s1_shared/apache_pages/notice/"
Alias /notice "/mnt/s1_shared/apache_pages/notice"

#CGI-BIN

ScriptAlias /cgi-bin/ "/mnt/s1_shared/apache_pages/cgi-bin/"
AddHandler cgi-script cgi pl

<Directory "/mnt/s1_shared/apache_pages/cgi-bin">
AllowOverride None
Options None
Allow from all
</Directory>

#ERROR

Alias /error/ "/mnt/s1_shared/apache_pages/error/"

ErrorDocument 400 /error/e400.html
# bad request
ErrorDocument 401 /error/e401.html
# unauthorized
ErrorDocument 403 /error/e403.html
# forbidden
ErrorDocument 404 /error/e404.html
# not found
ErrorDocument 405 /error/e405.html
# method not allowed
ErrorDocument 408 /error/e408.html
# time out
ErrorDocument 410 /error/e410.html
# gone
ErrorDocument 411 /error/e411.html
# length required
ErrorDocument 412 /error/e412.html
# precondition failed
ErrorDocument 413 /error/e413.html
# entity too large
ErrorDocument 414 /error/e414.html
# uri too large
ErrorDocument 415 /error/e415.html
# unsupported media
ErrorDocument 500 /error/e500.html
# internal server error
ErrorDocument 501 /error/e501.html
# not implemented
ErrorDocument 502 /error/e502.html
# bad gateway
ErrorDocument 503 /error/e503.html
# service unavailable
ErrorDocument 506 /error/e506.html
# variant also varies


<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB /var/lib/dav/lockdb
</IfModule>

IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw

LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW

ForceLanguagePriority Prefer Fallback

AddDefaultCharset UTF-8

AddHandler type-map var

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

# Virtual hosts

NameVirtualHost *:80

<VirtualHost *:80>
ServerAdmin postmaster@spinellicreations.com
DocumentRoot /mnt/s1_shared/apache_pages
ServerName spinellicreations.com
ServerAlias www.spinellicreations.com
ErrorLog logs/spinellicreations-error_log
CustomLog logs/spinellicreations-access_log common
</VirtualHost>

<VirtualHost *:80>
ServerAdmin postmaster@fdrbookkeeping.com
DocumentRoot /mnt/s1_shared/apache_pages/fdr
ServerName fdrbookkeeping.com
ServerAlias www.fdrbookkeeping.com
ErrorLog logs/fdrbookkeeping-error_log
CustomLog logs/fdrbookkeeping-access_log common
</VirtualHost>

# Extra conf.d config files to run with httpd.conf

# MANUAL

AliasMatch ^/manual(?:/(?:de|en|fr|ja|ko|ru))?(/.*)?$ "/var/www/manual$1"

<Directory "/var/www/manual">
Options Indexes
AllowOverride None
Order allow,deny
Allow from all
</Directory>

# PHP

LoadModule php5_module modules/libphp5.so

AddHandler php5-script .php
AddType text/html .php

DirectoryIndex index.php

# SQUIRRELMAIL

Alias /webmail /mnt/s1_shared/apache_pages/mail

# SSL

LoadModule ssl_module modules/mod_ssl.so

Listen *:443

# SSL Global Context
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

# Pass Phrase Dialog
SSLPassPhraseDialog builtin

# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
#SSLSessionCache dc:UNIX:[OMITTED FOR PROTECTION]
SSLSessionCache shmcb:[OMITTED FOR PROTECTION]
SSLSessionCacheTimeout [OMITTED FOR PROTECTION]

# Semaphore:
# Configure the path to the mutual exclusion semaphore the "ssl.conf" 129L, 4384C
SSLMutex default

# Pseudo Random Number Generator (PRNG):
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512

# Use "SSLCryptoDevice" to enable any supported hardware accelerators
SSLCryptoDevice builtin
#SSLCryptoDevice ubsec

## SSL Virtual Host Context

<VirtualHost *:443>

# General setup for the virtual host, inherited from global configuration
DocumentRoot "/mnt/s1_shared/apache_pages"
ServerName spinellicreations.com:443

# Use separate log files for the SSL virtual host; note that LogLevel
# is not inherited from httpd.conf.
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on

# SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect. Disable SSLv2 access by default:
SSLProtocol all -SSLv2

# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

# Server Certificate:
SSLCertificateFile /var/[OMITTED FOR PROTECTION]

# Server Private Key:
SSLCertificateKeyFile [OMITTED FOR PROTECTION]

# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/[OMITTED FOR PROTECTION]

# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
#SSLCACertificateFile /etc/[OMITTED FOR PROTECTION]

# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10

# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>

# SSL Engine Options:
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

# SSL Protocol Adjustments:
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

# Per-Server Logging:
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

# END HTTPD.CONF
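Added example, not part of poweredbydodge's post: in the configuration above the global `Alias /webmail` is inherited by the port-80 virtual hosts as well, so a SquirrelMail login can still travel in cleartext, and the SSL virtual host still accepts SSLv3 and LOW/MEDIUM ciphers. The fragment below reuses the paths and host names from the post to refuse non-SSL access to the webmail directory and to tighten those two lines; the directive choices are assumptions about what the site wants, not the poster's settings.

```apache
# Added example (not from the original post). Paths and host names are
# copied from the posted httpd.conf; the directive choices are assumptions.

# 1. Fail closed. SSLRequireSSL (mod_ssl) makes Apache answer 403 for any
#    request to the SquirrelMail directory that did not arrive over
#    SSL/TLS, whichever virtual host it came in on. This also covers the
#    fdrbookkeeping.com vhost, which inherits the global "Alias /webmail".
<Directory "/mnt/s1_shared/apache_pages/mail">
    SSLRequireSSL
</Directory>

# 2. Convenience redirect. This is the first port-80 vhost from the post
#    with one line added. mod_alias processes Redirect before Alias, so
#    the redirect wins over the global "Alias /webmail" on this vhost.
<VirtualHost *:80>
    ServerAdmin postmaster@spinellicreations.com
    DocumentRoot /mnt/s1_shared/apache_pages
    ServerName spinellicreations.com
    ServerAlias www.spinellicreations.com
    ErrorLog logs/spinellicreations-error_log
    CustomLog logs/spinellicreations-access_log common
    Redirect permanent /webmail https://spinellicreations.com/webmail
</VirtualHost>

# 3. Inside the existing <VirtualHost *:443> block, the posted lines
#
#      SSLProtocol all -SSLv2
#      SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
#
#    leave SSLv3 enabled and keep RC4, MEDIUM and LOW suites negotiable
#    ("+LOW" only moves them to the end of the list, it does not remove
#    them). Replace them with:
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
```

Run `apachectl configtest` after editing, then request `http://spinellicreations.com/webmail` and confirm it answers with a redirect (or 403 on the other vhost) rather than the login page.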
 
  

