SSL is a Secure Sockets Layer, a protocol for encrypting information over the Internet.
OpenSSL is an open source implementation of the SSL and TLS protocols.
Apache is the most commonly used Web Server on Linux systems. Web Servers are used to serve Web Pages requested by client computers. Clients typically request and view Web Pages using Web Browser applications.
The most common protocol used to transfer Web pages is the Hyper Text Transfer Protocol (HTTP). Protocols such as Hyper Text Transfer Protocol over Secure Sockets Layer (HTTPS), and File Transfer Protocol (FTP), a protocol for uploading and downloading files, are also supported.
Apache Web Servers are often used in combination with the MySQL database engine, the HyperText Preprocessor (PHP) scripting language, and other popular scripting languages such as Python and Perl. This configuration is termed LAMP (Linux, Apache, MySQL and Perl/Python/PHP) and forms a powerful and robust platform for the development and deployment of Web-based applications.
Advantage of SSL
Customers Will Trust Your Website
Avoid Disputes Due to Credit Card Fraud
Install SSL
Mostly apache2 and openssl packages are already installed. If there is not installed in your system then install it first.
Enable the SSL module
$ sudo a2enmod ssl
Restart apache
$sudo service apache2 graceful
Listen to port 443
$sudo bash
$echo “Listen 443” >> /etc/apache2/ports.conf
$ wget http://librarian.launchpad.net/7477840/apache2-ssl.tar.gz
$ gunzip apache2-ssl.tar.gz
$ tar xvf apache2-ssl.tar
$ sudo cp apache2-ssl-certificate /usr/sbin/
$ sudo cp ssleay.cnf /usr/share/apache2/
Generate the certificate
Create a certificate which is valid for one year.
$ sudo mkdir /etc/apache2/ssl
$ cd /etc/apache2/ssl
$ sudo apache2-ssl-certificate -days 365
Create and enable the SSL site
$ sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
$ sudo ln -s /etc/apache2/sites-available/ssl /etc/apache2/sites-enabled/ssl
The above commands will copy the default virtual host template into a new place specific for your ssl virtual host, then create a symbolic link to it in the apache “sites-enabled” directory so that it becomes enabled.
Now the final step, open the file /etc/apache2/sites-available/ssl in sudo mode with editor and edit/add the sections of the template which are in bold:
NameVirtualHost *:443
<virtualhost *:443>
ServerAdmin webmaster@localhost
SSLEngine On
# the following lines are links to the certs
SSLCertificateFile /etc/apache2/ssl/apache.pem
DocumentRoot /var/www/
Options FollowSymLinks
AllowOverride None
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2′s default start page
# in /apache2-default/, but still have / go to the right place
# Commented out for Ubuntu
#RedirectMatch ^/$ /apache2-default/
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Alias /doc/ “/usr/share/doc/”
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
Restart apache
$sudo service apache2 graceful
Enjoy!!
