• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Life always offers you a second chance ... Its called tomorrow !!!

    Tuesday, August 14, 2012

    Configure Apache server with SSL support

    You can configure apache web server with or without ssl support where as it is always recommended to use ssl along with apache for security reasons.

    Let me show you step by step configuration for the same


    Make sure all these packages are present
    • httpd 
    • openssl 
    • mod_ssl 
    • crypto-utils - used to generate certificates/private keys 
    If the packages are not there you can use yum to install them
    # yum -y install httpd mod_ssl openssl crypto-utils
    Check your host name
    # hostname (this will show your hostname)

    Generate a certificate using your FQDN# genkey server.example.com
    So we are generating key pair for FQDN server.example.com and you can see the location where the keys will be stored:

    You can select the type of encryption you want for keys.

    We don't want to create any CSR or CA because this is being done for an internal domain.

    Encrypting the key means assigning a pass phrase to use the key so every time you want to use they key, you will have to assign the pass phrase. This field can be used in high security areas but for now we can uncheck the option and move ahead.

    This will generate the key as per your selection. Fill up your details as asked :

    Once the key is generated we need to update the ssl.conf file
    # vi /etc/httpd/conf.d/ssl.conf
    # line 105
    SSLCertificateFile /etc/pki/tls/certs/server.example.com.crt
    # line 112
    SSLCertificateKeyFile /etc/pki/tls/private/server.example.com.key

    Once done restart the httpd services
    # service httpd restart
    Stopping httpd:                                  [ OK ]
    Starting httpd:                                  [ OK ]

    If you find any error then you can check the error logs at the following location
    # cd /var/logs/httpd
    Now go to browser and type the IP or FQDN using https

    Follow the below link for more tutorials:

    Configure Red Hat Cluster using VMware, Quorum Disk, GFS2, Openfiler
    Tutorial for Monitoring Tools SAR and KSAR with examples in Linux
    How to configure Samba 4 Secondary Domain Controller
    How to secure Apache web server in Linux using password (.htaccess)
    How to register Red Hat Linux with RHN (Red Hat Network )
    Red hat Enterprise Linux 5.5 Installation Guide (Screenshots)
    15 tips to enhance security of your Linux machine
    Why is Linux more secure than windows and any other OS
    What is the difference between "su" and "su -" in Linux?
    What is kernel-PAE in Linux?
    What is swappiness and how do we change its value?
    How to log iptables messages in different log file
    What are the s and k scripts in the etc rcx.d directories
    How to check all the currently running services in Linux
    How to auto start service after reboot in Linux
    What is virtual memory, paging and swap space?


    Post a Comment