Sunday, July 8, 2007

KB: Apache SSL Configuration on Ubuntu

Apache SSL Configuration on Ubuntu Linux.



This article assumes that you already have Apache installed on your system and that you will be using a self-signed certificate.

Create a Self-signed Certificate

1. Run the following command and answer the prompts (I renamed the resulting apache.pem to webmail.pem for this example):
apache2-ssl-certificate -days 1825
or in the case of Ubuntu Feisty and newer (apache2-ssl-certificate is missing):
openssl req $@ -new -x509 -days 1825 -nodes -out /etc/apache2/webmail.pem -keyout /etc/apache2/webmail.pem
Note: if you wish to create a wild card certificate, enter an asterisk '*' when prompted for host name.

Add a Virtual Host

1. Edit /etc/apache2/ports.conf and add:
Listen 443
2. Enable SSL:
a2enmod ssl
3. Create file /etc/apache2/sites-available/zunisoftssl:
NameVirtualHost *:443

<virtualhost _default_:443>
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/webmail.pem
        RedirectMatch ^/$

<virtualhost *:443>

        DocumentRoot /var/www/webmail

        <location awstats>
                Order deny,allow
                Deny from all

        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/webmail.pem

        ErrorLog /var/log/apache2/webmail.error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog /var/log/apache2/webmail.access.log combined
        ServerSignature On
4. Create the following link in /etc/sites-enabled:
ln -s /etc/apache2/sites-available/zunisoftssl 001-zunisoftssl
5. Restart Apache:
/etc/init.d/apache2 restart
To Top