So you’ve built a Linux server, and you’re testing it out, and you want to enable SSL for encrypting your http traffic in testing or non-production use. Right. No prob. I’ve put together an extremely quick cheat-sheet on how to do it on a Suse server, and some of it applies to other distros as well. Here we go…
First, please start by reading some of this (if present):
/etc/sysconfig/apache2 …there are a few good suggestions (as well as a bunch of configuration options) to get you started. The steps below are based on the things mentioned there.
Now, to create the certificate(s) for use, you can do it one of two quick-and-easy ways:
Option 1: To create a test certificate from “Snake Oil CA” as root, run:
cd /usr/share/doc/packages/apache2; ./certificate.sh
…and fill in the values as prompted.
Option 2: To create a self-named CA, self-signed cert, do this instead:
/usr/bin/gensslcert -c US -s MI -l "Southfield" -o "Your Linux Guy" -e jpavlov@yourLinuxGuy.com -d -n www.yourLinuxGuy.com
…or similar; of course customize to taste. This is actually my preferred test method, over the “Snake Oil” stuff. Use the following command to get the options:
/etc/sysconfig/apache2 make the following changes/validations:
– Ensure the
APACHE_MODULES section includes
SSL to the
/etc/apache2/vhosts.d/ do the following things:
vhost-ssl.conf, and change:
ServerName” to match your server’s name in
ServerAdmin” to your email address
Finally, restart apache with:
You are done! Now hit your webserver at https://yourServerName/ and enjoy the SSL goodness.