Using SSL(Secure Socket Layer) with web server provides the Secure and Encrypted communications between web server and client. Here we are going to use OpenSSL for this.
Requirements:
1. httpd
2. openssl
3. mod_ssl
4. crypto-utils (genkey)
crypto-utils is used to generate certificates/private keys/CSRs and also used to create a self-signed certificate.
Steps:
1. Install the requirements
a. Install mod_ssl - module for Apache, which provides SSL support
#yum -y install mod_ssl
/etc/httpd/conf.d/ssl.conf - includes key SSL directives
b. Install crypto-utils - provies /usr/bin/genkey
#yum -y install crypto-utils
2. Generate SSL usage keys using genkey
#genkey site.example.com
The above command creates text-gui interface. Follow the steps in the interface.
3. Update /etc/httpd/conf.d/ssl.conf to reference the new keys (public/private)
4. Restart the HTTPD server
#service httpd restart
#httpd -S
5. Test HTTPS connectivity
https://<Server-Name>
Note: For mutliple SSL sites, copy the: /etc/httpd/conf.d/ssl.conf file to distinct files, that match your distinct IP-based Virtual Hosts
What do you think about this Article? Add your Opinion..! EmoticonEmoticon