Update apache ssl cert

catiewong · 10-22-2018, 04:34 AM

I use apache web server on centos 7.4

Now the apache do not have a SSL cert , I would like to add it , except add the cert files to the server , config the apache file , would advise what else I need to do ?

TenTenths · 10-22-2018, 06:23 AM

You might want to also redirect any http:// traffic to https://

catiewong · 10-22-2018, 11:23 PM

Quote:

Originally Posted by TenTenths

You might want to also redirect any http:// traffic to https://

Thanks reply ,

How to do the redirect , set it in apache or DNS ?

berndbausch · 10-23-2018, 12:19 AM

DNS doesn't know anything about web protocols. So, the answer is Apache. You will find a ton of tutorials on the internet, for example https://www.digitalocean.com/communi...ache-and-nginx (DigitalOcean's tutorials are generally good).

catiewong · 10-23-2018, 03:11 AM

Quote:

Originally Posted by berndbausch

DNS doesn't know anything about web protocols. So, the answer is Apache. You will find a ton of tutorials on the internet, for example https://www.digitalocean.com/communi...ache-and-nginx (DigitalOcean's tutorials are generally good).

thanks reply

About the http redirct to https .

If I update the apache file to point to the ssl cert but do not set http redirct to https , does the browsing will automatically go to https first then go to http ? config http redirct to https is only for safe ? that means if no http to https redirection , user input http then to to http:// , user input https then go to https:// ?

bradvan · 10-23-2018, 06:24 AM

If you don't force http -> https, then it depends on what the remote person puts in their browser. There are lots of good web pages on this subject. Try: RHEL 7 Web Servers for one.

catiewong · 10-23-2018, 11:59 PM

Quote:

Originally Posted by bradvan

If you don't force http -> https, then it depends on what the remote person puts in their browser. There are lots of good web pages on this subject. Try: RHEL 7 Web Servers for one.

"then it depends on what the remote person puts in their browser" <<== sorry , I don't understand what it means , that mean if no redirection , it depends the user use http or https , if http then go to http , if https then go to https ?

bradvan · 10-24-2018, 04:03 AM

Correct. If you are allowing both an http and an https connection, then which the remote user connects to depends on what they type in to their browser. If you are OK with that, then good. If not, force re-direction of http to https. It all depends on what you are providing on your web page.

catiewong · 10-24-2018, 06:06 AM

Another question ,

In my apache configuration for http , there are many module are loaded , I am wonder if there is another modules will be needed to make https to work ?

LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule heartmonitor_module modules/mod_heartmonitor.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule dir_module modules/mod_dir.so
LoadModule php5_module modules/libphp5.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so

berndbausch · 10-24-2018, 07:06 AM

You need mod_ssl.

However, this has nothing to do with the title of this thread. Questions that are not related should go into separate threads.