{"id":55,"date":"2008-07-21T01:16:24","date_gmt":"2008-07-21T06:16:24","guid":{"rendered":"http:\/\/yourlinuxguy.com\/?p=55"},"modified":"2008-07-16T11:22:29","modified_gmt":"2008-07-16T16:22:29","slug":"how-can-i-quickly-enable-ssl-with-apache2","status":"publish","type":"post","link":"https:\/\/yourLinuxGuy.com\/?p=55","title":{"rendered":"How can I quickly enable SSL with Apache2?"},"content":{"rendered":"<p>So you&#8217;ve built a Linux server, and you&#8217;re testing it out, and you want to enable SSL for encrypting your http traffic in testing or non-production use. Right. No prob. I&#8217;ve put together an extremely quick cheat-sheet on how to do it on a Suse server, and some of it applies to other distros as well. Here we go&#8230;<\/p>\n<p>First, please start by reading some of this (if present): <code>\/etc\/sysconfig\/apache2<\/code> &#8230;there are a few good suggestions (as well as a bunch of configuration options) to get you started. The steps below are based on the things mentioned there.<\/p>\n<p>Now, to create the certificate(s) for use, you can do it one of two quick-and-easy ways:<\/p>\n<p>Option 1: To create a test certificate from &#8220;Snake Oil CA&#8221; as root, run:<br \/>\n<code>cd \/usr\/share\/doc\/packages\/apache2; .\/certificate.sh<\/code><br \/>\n&#8230;and fill in the values as prompted.<\/p>\n<p>Option 2: To create a self-named CA, self-signed cert, do this instead:<br \/>\n<code>\/usr\/bin\/gensslcert -c US -s MI -l \"Southfield\" -o \"Your Linux Guy\" -e jpavlov@yourLinuxGuy.com -d -n www.yourLinuxGuy.com<\/code><br \/>\n&#8230;or similar; of course customize to taste. This is actually my preferred test method, over the &#8220;Snake Oil&#8221; stuff. Use the following command to get the options:<br \/>\n<code>\/usr\/bin\/gensslcert --help<\/code><\/p>\n<p>Then, in <code>\/etc\/sysconfig\/apache2<\/code> make the following changes\/validations:<br \/>\n&#8211; Ensure the <code>APACHE_MODULES<\/code> section includes <code>ssl<\/code><br \/>\n&#8211; Add <code>SSL<\/code> to the <code>APACHE_SERVER_FLAGS<\/code> section<\/p>\n<p>Also, in <code>\/etc\/apache2\/vhosts.d\/<\/code> do the following things:<br \/>\n&#8211; Copy <code>vhost-ssl.template<\/code> to <code>vhost-ssl.conf<\/code><br \/>\n&#8211; Edit <code>vhost-ssl.conf<\/code>, and change:<br \/>\n&#8220;<code>ServerName<\/code>&#8221; to match your server&#8217;s name in <code>\/etc\/hosts<\/code><br \/>\n&#8220;<code>ServerAdmin<\/code>&#8221; to your email address<\/p>\n<p>Finally, restart apache with:<br \/>\n<code>rcapache2 stop<\/code><br \/>\n<code>rcapache2 start<\/code><\/p>\n<p>You are done! Now hit your webserver at https:\/\/yourServerName\/ and enjoy the SSL goodness.<\/p>\n<p>Enjoy&#8230;<\/p>\n<p>\ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So you&#8217;ve built a Linux server, and you&#8217;re testing it out, and you want to enable SSL for encrypting your http traffic in testing or non-production use. Right. No prob. I&#8217;ve put together an extremely quick cheat-sheet on how to&#8230;<br \/><a class=\"read-more-button\" href=\"https:\/\/yourLinuxGuy.com\/?p=55\">Read more<\/a><\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[44,11,45,15],"tags":[],"class_list":["post-55","post","type-post","status-publish","format-standard","hentry","category-apache","category-intermediate","category-openssl","category-suse"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pnjn1-T","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/posts\/55","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=55"}],"version-history":[{"count":2,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/posts\/55\/revisions"}],"predecessor-version":[{"id":57,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/posts\/55\/revisions\/57"}],"wp:attachment":[{"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=55"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=55"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=55"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}