How To Setup SSL On Ubuntu
This the second part of the SSL setup tutorial. Before reading this make sure you have followed the step shown How To Create A Certificate Signing Request (CSR) For SSL. In This tutorial i am assuming you have only one domain and no sub-domains on the server. By now you have domainname.com.key,domainname.com.csr and domainname.com.crt file. Another crt file is provided by SSL certificate issuer companies which is called Intermediate Certificate. If you dont have it ask your provider to give it to you.
Now put all the certificate files in ~/domainname.com.ssl/ folder. First we will check is the ssl port which is 443 is open or not.
It should be like following command. If not then add the following code in the ports.conf file
Listen 80 <IfModule mod_ssl.c> Listen 443 </IfModule>
Now we are going to copy the default setting for the ssl .
cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
Now we going add some lines to the ssl file so that apache will know where to find the certificates for SSL.
First open the file
Now the file looks like this
NameVirtualHost * <VirtualHost *> ServerAdmin webmaster@localhost DocumentRoot /var/www/ <Directory />
Now We going to make some changes so that the SSL file looks like the following
NameVirtualHost *:443 <VirtualHost *:443> ServerAdmin webmaster@localhost SSLEngine On SSLCertificateFile /root/domainname.com.ssl/domainname.com.crt SSLCertificateKeyFile /root/domainname.com.ssl/domainname.com.key SSLCertificateChainFile /root/domainname.com.ssl/PositiveSSLCA.crt DocumentRoot /var/www/
PositiveSSLCA.crt is the intermediate SSL certificate. Now we are going to enable the ssl and reload the apache server.
a2enmod ssl /etc/init.d/apache2 force-reload /etc/init.d/apache2 restart
See this so simple. But to implementing SSL with ip-based is quite a work. I will post about this next week. Be sure to subscribe the blog.