Entri Populer

Monday, March 28, 2011

Apache 2 SSL and Redirection

Now, i need to create ssl for my domain netmon.foo.com. therefore i do the following :
1. Make sure Apache2 mod ssl is install and enable
    To activate SSL module on Apache 2, issue this command : a2enmod ssl
    The above command only apply when you already install Apache2 mod ssl but not enable it yet
2. Make sure Openssl is install on my Linux box
3. after making sure all the above item are completed, then type  in :
    openssl req -new -x509 -days 365 -keyout path_to_my_apache_key_directory/virtualhost1.key -out path_to_my_apache_crt_directory/virtualhost1.crt  <Hit Enter>


    The system will then ask for Country Code, City, Organizational Unit, Company Name, Common Name. 
    Fill   in all the above field but make sure the Common Name reflect your website domain name, otherwise you might end up with name certificate does not match with website domain name error.
check out these links :
a. apache-2-ssltls-step-step-part-1 
b. apache-ssl-deflate 
Next step, i need to configure your virtualhost1.conf and create new configuration for the website that will be access via https. 
The configuration may look like this :

NameVirtualHost *:443
<VirtualHost *:443>
    ServerName netmon.foo.bar
    DocumentRoot path_to_my_server_web_server_directory

    SSLEngine On                                                                                                                                                      
    SSLCertificateFile path_to_my_apache_crt_directory/virtualhost1.crt                                                                                                                         
    SSLCertificateKeyFile path_to_my_apache_key_directory/virtualhost1.key                                                                                                                      
    <Location />                                                                                                                                                        
    SSLRequireSSL On                                                                                                                                                    
    SSLVerifyClient optional                                                                                                                                            
    SSLVerifyDepth 1                                                                                                                                                    
    SSLOptions +StdEnvVars +StrictRequire                                                                                                                               
    </Location>
        <Directory path_to_my_server_web_server_directory>
        Options +FollowSymLinks
        AllowOverride None
        order allow,deny
        allow from all
        AddType application/x-httpd-php .php
        DirectoryIndex index.php

     </Directory>
</VirtualHost>
Restart the apache service and try the connection https://netmon.foor.bar 


As additional i also want to redirect regular http request http://netmon.foo.bar to https://netmon.foo.bar. I create new virtualhost configuration name netmon-http.


The content of netmon-http :

NameVirtualHost *:80
<VirtualHost *:80>
Servername netmon.foo.bar
Redirect / https://netmon.foo.bar
</VirtualHost> 


Restart the Apache service again and then try to open http://netmon.foo.bar, then it will be redirect to https://netmon.foo.bar


Thanks to Triprasetyono for the help
Diposkan oleh di

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)