httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Agnello George" <agnello.dso...@gmail.com>
Subject Re: [users@httpd] How to start Apache automatically with certificate?
Date Fri, 29 Aug 2008 11:52:26 GMT
On 8/28/08, Tan, Liao <liao.tan@citi.com> wrote:
> Folks,
>  Pls gimme some direction on how to start apache (already with the https certificate
installed)automatically,that means, without informing manually the passwords, phrase?
>
Here is a little documention i had worked out ( just check it out and
let me know if its helpful !!

Apache : mod_ssl for  virtual hosting

1. The apache server should be compiled with mod_ssl enabled,. You can
check this in the httpd.conf file

LoadModule ssl_module modules/mod_ssl.so

2. Make the followin directory structure

mkdir /usr/local/apache2/conf/domains_ssl/
mkdir /usr/local/apache2/conf/domains_ssl/nokia.com/

3. once this is done create your self-signed  ssl certificate and your
ssl private key using the openssl toolkit. ( for production purpose
you may want to purchase your certificate)
( in orde that apache should not ask for a password when it restart we
do the following )

cd /usr/local/apache2/conf/domains_ssl/agnello.com/ ------> your
location of the keys for domain agnello
Step 1: Generate Private Key
openssl genrsa -des3 -out server.key 1024
( N.B: make sure that that the CN matches that of the domain name )
Step 2: Generate CSR
openssl req -new -key server.key -out server.csr
Step 3: Remove Passphrase
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
Step 4: Sign the Certificate
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

you would have the follwing keys generated.

server.crt  server.csr  server.key  server.key.org


Once this is done go to the very last line in the httpd.conf file

( add the following  if not already there )

<IfModule ssl_module>
  Listen 443
  SSLRandomSeed startup builtin
  SSLRandomSeed connect builtin
</IfModule>

now in the httpd-vhost.conf file (
/usr/local/apache2/conf/extra/httpd-vhosts.conf ) add the following

NameVirtualHost 192.168.0.244:443

<VirtualHost 192.168.0.244:443>
ServerAdmin admin@agnello.sys.qualiproj.com
ServerName agnello.sys.qualiproj.qualispace.com
ServerAlias www.agnello.sys.qualiproj.qualispace.com
DocumentRoot /websites/agnello.com/web
SSLEngine on
SSLCertificateKeyFile /usr/local/apache2/conf/domains_ssl/agnello.com/server.key
SSLCertificateFile /usr/local/apache2/conf/domains_ssl/agnello.com/server.crt
ErrorLog /websites/agnello.com/logs/agnello.sys.qualiproj.error_log
CustomLog /websites/agnello.com/logs/agnello.sys.qualiproj.access_log common
</VirtualHost>



Now you can restart apache . it will not prompt you for a password .

Now view you site

https://domain.com



-- 
Regards
Agnello D'souza
www.linux-vashi.blogspot.com
www.bible-study-india.blogspot.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message