CentOS / Redhat Apache mod_ssl install
Install mod_ssl
yum update
yum install mod ssl
Create an SSL Certificate
cd /etc/tls/certs
openssl genrsa -des3 -out apachekey.pem 2048
Generate a Certificate Signing Request (CSR)
Type the following command:
# openssl req -new -key apachekey.pem -out apachekey.csr
Create the Web Server Certificate
You must signed the CSR to create the web server certificate, enter (you can send it to your CA to sign the same). To sign httpserver.csr using your CA:
# openssl ca -in apachekey.csr -out apachecert.pem
Install SSL Certificate
Copy server key and certificates files /etc/tls/http/, enter:
# cp apachecert.pem /etc/tls/http/
# cp apachekey.pem /etc/tls/http/
Edit /etc/httpd/conf.d/ssl.conf, enter:
# vi /etc/httpd/conf.d/ssl.conf
Listen to the the HTTPS port, enter:
Listen 10.10.29.68:443
Update it as follows to seed appropriately, enteR:
SSLRandomSeed startup file:/dev/urandom 1024 SSLRandomSeed connect file:/dev/urandom 1024
Update VirtualHost as follows:
<VirtualHost www.ajayadas.com:443> SSLEngine On SSLCertificateFile /etc/tls/http/apachecert.pem SSLCertificateKeyFile /etc/tls/http/apachekey.pem SSLProtocol All -SSLv2 SSLCipherSuite HIGH:MEDIUM:!aNULL:+MD5 DocumentRoot "/var/www/html/ssl" ServerName www.ajayadas.com:443 </VirtualHost>
Save and close the file. Make sure /var/www/html/ssl exits, enter:
# mkdir -p /var/www/html/ssl
Edit /etc/httpd/conf/httpd.conf, enter:
# vi /etc/httpd/conf/httpd.conf
Make sure SSL is used for /var/www/html/ssl and set other options for the same, enter:
<Directory /var/www/html/ssl> SSLRequireSSL SSLOptions +StrictRequire SSLRequire %{HTTP_HOST} eq "www.ajayadas.com" ErrorDocument 403 https://www.ajayadas.com/sslerror.html </Directory>
Now, you can upload ssl specific php or html pages in /var/www/html/ssl directory and can access them by visiting https://www.nixcraft.com/ url. Do not forgot to restart Apache:
# service httpd restart