Part V. Running Servers

Configuring Apache to Support SSL/TLS

Once your keys have been generated, you need to install the mod_ssl Apache module, which adds SSL/TLS support to Apache, and then configure it using the appropriate configuration directives. Here's how:

1. SSL and TLS support can be added to Apache by installing the mod_ssl package:

    # apt-get install libapache-mod-ssl
    # apache-modconf apache enable mod_ssl
    Replacing config file /etc/apache/modules.conf with new version

2. Add an SSL-enabled virtual host to your Apache configuration files. Using the earlier virtual host as an example, your configuration will look something like this:

    Listen *:443
    <VirtualHost *:443>
        ServerName secure.example.org
        DocumentRoot /home/username/public_html/
        User username
        Group groupname
        DirectoryIndex index.php index.html index.htm
        SSLEngine On
        SSLCertificateKeyFile /etc/apache/ssl.key/server.key
        SSLCertificateFile /etc/apache/ssl.crt/server.crt
        SSLCACertificateFile /etc/apache/ssl.crt/ca.crt
    </VirtualHost>

This example uses a wildcard for the IP address in the VirtualHost declaration. The wildcard saves you from having to modify your configuration file if your IP address changes, but it also prevents you from having multiple SSL virtual hosts. If you do need to support more than one SSL virtual host, replace * with the specific IP address that you assign to that host. See the Troubleshooting section earlier in the chapter for more information about the Listen directive.

A CA generally provides you with a certificate file to place in ca.crt and sometimes also provides you with a separate file that you will need to reference using an SSLCertificateChainFile directive. The mod_ssl package also includes an /etc/apache/ssl.crt/ca-bundle.crt, which contains the certificates from most of the well-known certificate authorities and can be referenced as long as the appropriate CA certificate is included.

When running your own CA, point the SSLCACertificateFile directive to a file containing the public key from that CA. Omit this line when using a self-signed certificate.
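The restriction described above (one SSL virtual host per address when the wildcard is used) can be checked mechanically before a configuration is deployed. The following Python sketch is an added example, not code from the book; the second host name, the function names, and the sample configuration are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample config: two SSL virtual hosts sharing the wildcard address.
SAMPLE_CONF = """\
Listen *:443
<VirtualHost *:443>
    ServerName secure.example.org
    SSLEngine On
    SSLCertificateKeyFile /etc/apache/ssl.key/server.key
    SSLCertificateFile /etc/apache/ssl.crt/server.crt
</VirtualHost>
<VirtualHost *:443>
    ServerName shop.example.org
    SSLEngine On
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def parse_vhosts(conf):
    """Return [(address, {lowercased directive: value})] for each VirtualHost block."""
    vhosts = []
    for addr, body in VHOST_RE.findall(conf):
        directives = {}
        for line in body.splitlines():
            line = line.strip()
            if line and not line.startswith("#"):
                name, *rest = line.split(None, 1)
                directives[name.lower()] = rest[0].strip() if rest else ""
        vhosts.append((addr.strip(), directives))
    return vhosts

def lint_ssl_vhosts(conf):
    """Report SSL vhosts without a certificate and addresses shared by several SSL vhosts."""
    findings, by_addr = [], defaultdict(list)
    for addr, d in parse_vhosts(conf):
        if d.get("sslengine", "").lower() != "on":
            continue
        name = d.get("servername", "(no ServerName)")
        by_addr[addr].append(name)
        if "sslcertificatefile" not in d:
            findings.append(f"{name}: SSLEngine On but no SSLCertificateFile")
    for addr, names in by_addr.items():
        if len(names) > 1:
            findings.append(f"{addr}: shared by SSL virtual hosts {', '.join(names)}")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_ssl_vhosts(SAMPLE_CONF)))
```

Giving each SSL virtual host its own IP address in the VirtualHost declaration, as the text recommends, clears the shared-address finding.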
This entry was posted on Wednesday, August 29th, 2007 at 12:11 pm and is filed under PHP5.