How to setup SSL certificate for apache
Limited Time Offer!
For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!
Environment
SUSE Linux Enterprise ServerNovell Open Enterprise ServerNovell GroupWise
Situation
How to SSLize WebAccess on Linux
How to secure WebAccess using SSLGroupWise WebAccess shows untrusted certificate after pointing to 3rd party certificate using ConsoleOne for WebAccess Agent
Resolution
- (conditional) If not yet configured, Enable the SSL module and set the Apache Server Flags to SSL:
- From a terminal window: edit file /etc/sysconfig/apache2
- Verify ssl is found in the list of APACHE_MODULES.
Note: If it is not, please run the following command, which should enable the ssl module and add it to this list:
sudo a2enmod ssl - From this same file, please find APACHE_SERVER_FLAGS=”” and add SSL in between the quotations.
- Create a virtual host for ssl by copying from the template:
cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/vhost-ssl.conf
- Configure Apache to use new certificate files:
- From a terminal window: cd /etc/apache2/vhosts.d/
- Edit file vhost-ssl.conf
- Update paths to the appropriate file(s) as needed:
- SSLCertificateFile <directory to the cert (*.cert)>
- SSLCertificateKeyFile <path to the private key (*.key)>
- SSLCertificateChainFile <path to CA Chain file(s)>
- SSLCACertificateFile <path to bundles>
- Save and Close.
- From a Terminal window: type rcapache2 restart and press Enter.
Additional Information
How to setup Apache using a single PEM file, if so desired.
Replace Step 2 above with the following:
- See TID 7013103 – How to create a .pem file for SSL Certificate Installations
- Point Apache to the New PEM:
- From a terminal window: type cd /etc/apache2/vhosts.d/ and press Enter.
- Edit file vhost-ssl.conf
- Find and replace with the path to the same file:
- SSLCertificateFile <path to the server.pem>
- SSLCertificateChainFile <path to the server.pem>
- Comment out any other Certificate configuration (pem created above includes them):
- SSLCertificateKeyFile
- SSLCACertificateFile
- Save and Close.
- From a Terminal window: type rcapache2 restart and press Enter.