Installing https ssl module for Apache

From Cosmin's Wiki

Jump to: navigation, search

Home > Linux how to's > Installing https ssl module for Apache

These are some simple steps to follow if you want to install a self-signed certificate on your Apache server.

In order to do so, you need to have openssl installed:

aptitude install openssl

And now enable ssl support on Apache2:

a2enmod ssl

In order to have Apache2 listen to https (port 443), you need to edit /etc/apache2/ports.conf and make it look like

Listen 80
Listen 443

Now, let's go to generating the certificate. The following commands will create a password protected self signed certificate and after that the password is removed:

openssl genrsa -des3 -out pass.key 1024
openssl rsa -in pass.key -out server.key
openssl req -new -key server.key -x509 -out server.crt -days 3650

Now for the last part: how to write the cofig for your virtual hosts for accessing them via https:

NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:443>
        DocumentRoot /path-to-vhost-files
        SSLEngine on
        SSLCertificateFile /etc/apache2/keys/server.crt
        SSLCertificateKeyFile /etc/apache2/keys/server.key
        # other configuration here...

Last but not least, before testing your ssl, you need to restart apache:

/etc/init.d/apache2 restart

Well, that's all there is to it. If you're looking for a more exhaustive documentation about self-signed certificates, I would recommend reading the following post from Debian Administration.