KB: Apache SSL Configuration on Ubuntu

Apache SSL Configuration on Ubuntu Linux.



This article assumes that you already have Apache installed on your system and that you will be using a self-signed certificate.

Create a Self-signed Certificate

1. Run the following command and answer the prompts (I renamed the resulting apache.pem to webmail.pem for this example):

apache2-ssl-certificate -days 1825

or in the case of Ubuntu Feisty and newer (apache2-ssl-certificate is missing):

openssl req $@ -new -x509 -days 1825 -nodes -out /etc/apache2/webmail.pem -keyout /etc/apache2/webmail.pem

Note: if you wish to create a wild card certificate, enter an asterisk ‘*’ when prompted for host name.

Add a Virtual Host

1. Edit /etc/apache2/ports.conf and add:

Listen 443

2. Enable SSL:

a2enmod ssl

3. Create file /etc/apache2/sites-available/zunisoftssl:

NameVirtualHost *:443

<virtualhost _default_:443>
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/webmail.pem
        RedirectMatch ^/$ http://www.zunisoft.com/

<virtualhost *:443>
        ServerName webmail.zunisoft.com
        ServerAdmin webmaster@zunisoft.com

        DocumentRoot /var/www/webmail

        <location awstats>
                Order deny,allow
                Deny from all

        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/webmail.pem

        ErrorLog /var/log/apache2/webmail.error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog /var/log/apache2/webmail.access.log combined
        ServerSignature On

4. Create the following link in /etc/sites-enabled:

ln -s /etc/apache2/sites-available/zunisoftssl 001-zunisoftssl

5. Restart Apache:

/etc/init.d/apache2 restart

To Top

Leave a Reply

Your email address will not be published. Required fields are marked *