Apache SSL
 

Hi!

Can someone teach me how to configure Apache to use HTTPS instead of the usual HTTP? For a more secured web content. Our mail server is accessed via web using squirrelmail. Now, I wanted to secure it by using HTTPS. Is that possible in Apache?

Yes it is possible, I did the same thing here a while back. A good place to start is at http://httpd.apache.org/docs/2.0/ssl/ - also have a look on this site at http://www.linuxquestions.org/linux/...ache_SSL_Howto

Thanks. I'll give it a try.

HI!

I've followed the link but can't find the "Include" in httpd.conf. I have CentOS 4 running which I installed and mod_ssl. But don't know where to start.

The ssl.conf file wasn't always separate from the httpd.conf file. It may be that on your system, the contents of the ssl.conf file are in the httpd.conf file. Do you have the SSLEngine directive anywhere in your httpd.conf file?

Where do I find SSLEngine directive? All I know is that i have apache and mod_ssl installed and I just need to reconfigure it for the clients to use https instead of http.

Are you using Apache 2.0.x? If so, httpd.conf is usually either under /usr/local/apache2/conf or /etc/apache (or /etc/http). Those last 2 are guesses, so it may be slightly different. It's also worth checking again for ssl.conf in that directory as well as the Include directive in httpd.conf.

On the localhost, I tried opening on the web browser: https://mywebsite and it says certificate is not valid. And when I try it on a different machine, it couldn't connect. Any help?

Certificate not valid? Looks like you didn't set up the keys and certs correctly or you're incorrectly pointing them in your ssl.conf file.

If you can access port 443 locally but not from another machine then the problem is your firewall. Are you running iptables? If so, allow port 443 to be accessible or turn iptables off.

-twantrd

Since the how-to you posted seems to be slackware specific, I followed this link:

http://www.vanemery.com/Linux/Apache/apache-SSL.html

I pointed all keys in ssl.conf. ssl.conf is located at /etc/httpd/conf.d. I noticed in httpd.conf that it already has Include in conf.d so I didn't bother adding it up. Are there other configurations that I need to tweak in httpd.conf? I also saw that ssl.conf has a DocumentRoot options which I pointed my website into. But still unsuccesful. I think firewall doesn't have anything to do with this because I am just accessing the website within our network and not on the internet. Hope you can help me out or at least you can provide me a step-by-step guide on building one. I am using CentOS with Apache preinstalled and mod_ssl. Thanks.

There is nothing much to setup in httpd.conf if you have an include statement to tell apache to also look for ssl.conf. ssl.conf then becomes the main config for SSL. Paste your ssl.conf for us to see.

I haven't encountered this error before when I setup Apache+SSL. What do the logs say? Anything of interest?

-twantrd

twantrd,

Thanks for your assistance on this. I was able to build my own certificate and was able to use https. Another question, is it possible to add some virtual host in SSL? I mean, I was able to setup virtual host on one of my website. By testing this, I added a www.company1.com entry on my host file and configured ssl.conf to point the DocumentRoot to the website1 which I built. I want to add up another website which I am also managing the DNS entries to point to my IP. Do you think it is possible? What are the things that I need to do? Should I add up ssl2.conf on /etc/httpd/conf.d? Where am I going to add that additional VirtualHost directive? Thanks.

If you wanted to set up another Vhost, there is no need to include/setup another conf file. It's just like httpd.conf. When you set up more virtual hosts, you don't need another conf file right? You just put them all in httpd.conf. Well, the same goes for ssl.conf. Add the other virtual hosts in ssl.conf. The syntax is the same except that the port number is 443 instead of 80, that's all. Give it a shot and always look at the error logs to see what's wrong. Good luck.

-twantrd

I can't seem to make it work. I already added the second website on the virtual host when I point in company2.com on the browser, the company1.com still shows up. I think the first DocumentRoot configured on the VirtualHost is being followed here.

Did you specify a DocumentRoot for your 2nd vhost? Post your config for us to see.

-twantrd