SSL Configuration on Apache

These are some Recipies for configuring ssl under apache

Getting a free SSL Certificate

Use StartSSL.com

Note: Normal httpd configuration only allows for one ssl certificate domain per IP.
Since a certificate with multiple domains cost money, that's a hassle.
There seem to be ways around this: Link.

Note: At the step to create a private key, select SHA1 if you want Windows XP clients to be able to connect to your site!

Configuring Apache in a nutshell

  1.  You need to uncomment the file httpd-ssl.conf  in httpd.conf
  2. Copy all the files you get from startssl to your server
  3.  In httpd-ssl.conf make sure those values are set.

SSLEngine On
SSLCertificateFile /usr/local/apache2/mydomain.com.crt
SSLCertificateKeyFile /usr/local/apache2/mydomain.com.key
SSLCACertificateFile /usr/local/apache2/conf/ca.pem
SSLCertificateChainFile "/usr/local/apache2/conf/sub.class1.server.ca.pem"

 

Redirecting http to https

Add the following in the VirtutalHost  block of the host you are wishing to redirect.
The file is called httpd-vhosts.conf

<VirtualHost *:80>
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R=301,L]
</VirtualHost>

Source

Written by Andreas Wildi on Thursday November 14, 2013
Permalink -

« Fixing UTF-8 Encoding when using the PHP ORM Idiorm - Mod_SSL Module not compiled when compiling apache. Install Mod_SSL without recompiling Apache! »