Topic: Adding SSL to Apache2 on Debian

Topic type:

How to enable SSL (https) on your Apache setup on Debian.

Creating a key

You can create signed and unsigned certs. There are dozens of tutorials on the web for this. I'm going to show a simple unsigned cert. For production sites, you'll want to get this signed. Google for instructions on how to do so. In the rest of this topic, replace site.url.com with the actual url people will use to access the site. For example, http://www.google.com/ would be www.google.com, while http://example.com/ would be example.com. Make sure that .key and .crt remain on the end of the file names.

# mkdir /etc/apache2/certs
# cd /etc/apache2/certs
# openssl req -new -x509 -nodes -out site.url.com.crt -keyout site.url.com.key

Then follow all the prompts and when you're done, you'll have a self signed cert ready for use.

Enable Apaches SSL support

To enabled ssl support in apache, do the following.

  • Enable SSL mod: 
    # a2enmod ssl
  • Add the following line to /etc/apache2/ports.conf: 
    Listen 443
  • In the file containing the VHost for the site you want SSL enabled for, add to it the following: 
    NameVirtualHost *:443
<VirtualHost *:443>
  SSLEngine on
  SSLCertificateFile /etc/apache2/certs/site.url.com.crt
  SSLCertificateKeyFile /etc/apache2/certs/site.url.com.key
  ServerName site.url.com
  .....
</VirtualHost>
  • Forcably Reload your apache server: 
    # /etc/init.d/apache2 force-reload

Finished

Hopefully everything went well and you'll be prompted to accept the cert when you visit the site now.

Kieran P's Avatar.
Kieran P
created Adding SSL to Apache2 on Debian
on Feb 5th, 2009 at 8:03 PM
 

Discuss This Topic

There are 0 comments in this discussion.

join this discussion

 

Tags

 
Creative Commons Attribution-Share Alike 3.0 New Zealand License
Adding SSL to Apache2 on Debian by Kieran P is licensed under a Creative Commons Attribution-Share Alike 3.0 New Zealand License